You can now use the AWS CLI to authenticate and register on-premises servers with AWS CodeDeploy using temporary credentials generated by the AWS Security Token Service. This method enables you to automate registering a large number of on-premises servers with CodeDeploy.

Amazon EC2 Container Service (ECS) now supports the ability to customize the placement of tasks on container instances. Previously, you would have to write custom schedulers to filter, find, and group resources if you needed to place a task on a container instance with certain resource requirements (e.g., a specific instance type).

Amazon WorkMail now allows you to use Microsoft Outlook 2016 for Mac to access your email and calendar, and email client applications that use the IMAP protocol to access your email. This means users can choose from a wide range of email clients when using Amazon WorkMail, including Microsoft Outlook for Windows and Mac OS X, IMAP-based email clients, mobile devices and email clients that use the ActiveSync protocol, Apple Mail and Calendar applications on OS X, and the Amazon WorkMail web client from a web browser. In addition, IT applications that use the IMAP protocol to access email will now also work with Amazon WorkMail.

You can now visualize the results of your Amazon Athena queries in Amazon QuickSight. Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Connecting to Athena from QuickSight is a 1-click process. There’s no need to provide endpoints, username and password. Simply select Athena as your data source, select the database and tables you want to analyze and start visualizing in QuickSight. Check out the AWS Big Data blog post to learn more about how you can leverage QuickSight with Athena.

You can now connect to AWS CodeCommit repositories with Git credentials, which let you use a static username and password to authenticate over HTTPS. Git credentials provide a simple and reliable way to access AWS CodeCommit that is compatible with the command line or terminal, the AWS CLI, the Git CLI, and any Git tool or IDE that supports basic HTTPS authentication. You can use Git credentials to quickly and easily access your repositories from your preferred development environments.

Amazon Elasticsearch Service now provides built-in integration with the Phonetic Analysis plugin, which allows you to run “sounds-like” queries on your data. With this plugin, you can easily account for misspellings and common phonetic variants of search terms, and return more comprehensive query results. The Phonetic Analysis plugin is pre-installed and ready to use on all Amazon Elasticsearch Service domains running Elasticsearch version 2.3. To use this feature, simply update your Elasticsearch field mappings using the Elasticsearch API to indicate which fields you would like to include for phonetic analysis and the type of analyzer to use. You can then run your queries as you normally do, and Amazon Elasticsearch Service will return results including those that match similar sounding terms, without the need for you to write any custom code.

Starting today, you can process, store, and analyze streaming data in AWS GovCloud (US) using Amazon Kinesis Streams. Amazon Kinesis Streams enables you to continuously collect data as it’s generated from applications, machines, and devices, and respond in real-time to your business needs. With the availability in AWS GovCloud, Amazon Kinesis Streams is now available in all public AWS regions.

The redesigned Amazon WorkMail web client now offers a modern user interface, and makes it easier to access your email from a web browser. You can customize the size of the hierarchy and preview panels, which allows you to optimize your experience for the size of your screen. In addition, your most frequently used folders appear at the top of your folder list so that you don’t have to search for them.

You can now configure Amazon Kinesis Firehose to prepare your streaming data before it is loaded to data stores. With this new feature, you can easily convert raw streaming data from your data sources into formats required by your destination data stores, without having to build your own data processing pipelines.

AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. AWS IoT can support billions of devices and trillions of messages, and can process and route those messages to AWS endpoints and to other devices reliably and securely. With AWS IoT, your applications can keep track of and communicate with all your devices, all the time, even when they aren’t connected.

We are pleased to announce that the AWS Schema Conversion Tool (SCT) has even tighter integration with AWS Database Migration Service. Once SCT has converted your database schema, for supported DMS source/target combinations, SCT can now create the appropriate endpoints in DMS. With the endpoints created, SCT then offers the ability generate the migration tasks necessary to move the data for the converted schema in DMS. The migration tasks can be monitored from SCT and re-run as required. This integration offers database engineers a convenient workspace to handle a migration from end-to-end.

You can now respond to Amazon EMR cluster state changes with Amazon CloudWatch Events. The new Amazon EMR event types in Amazon CloudWatch Events provide information including state and related severity for Amazon EMR clusters, instance groups, steps, and Auto Scaling policies. Using simple rules that you can quickly set up, you can match events and route them to Amazon SNS topics, AWS Lambda functions, Amazon SQS queues, streams in Amazon Kinesis Streams, or built-in targets. Additionally, you can view events for a cluster on the Cluster Details page in the Amazon EMR console.

Starting today, you can seamlessly move snapshots of your encrypted and unencrypted RDS databases across commercial AWS regions and between various accounts, which can be used to create a robust disaster recovery for your RDS database instances. Previously, RDS supported copying your unencrypted DB snapshots across multiple regions and accounts, and copying your encrypted DB snapshots between accounts within the same region. Now, you can also copy your encrypted DB snapshots between accounts and across multiple regions as seamlessly as unencrypted snapshots.

Amazon Elastic File System (Amazon EFS) now allows you to access your file data in the US East (N. Virginia) region from on-premises datacenters. This new capability was announced for all other Amazon EFS regions at AWS re:Invent 2016. On-Premises access is now available in all Amazon EFS regions: US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).

We are pleased to announce that Amazon ElastiCache now supports Memcached version 1.4.33. You can now launch new clusters with Memcached 1.4.33, as well as upgrade existing ones to the new version. Compared to version 1.4.24 (previous version supported by ElastiCache for Memcached), this version adds support for new commands and parameters, better management of large items (512 MB or higher), improved memory management (memory reclaim, dynamically increase memory available to Memcached), enhanced item log management, and miscellaneous bug fixes.

Amazon EC2 Container Service (ECS) now provides beta support for Windows Server Containers. Microsoft Windows Server 2016 supports Docker, enabling Windows users to package applications into images that can be run on any Windows 2016 server. You can now use Amazon ECS to deploy and scale your Windows Containers across your Amazon EC2 Windows instances.

Today, we are introducing a new console-based GUI for the AWS Application Discovery Service which makes it easier for you to visualize applications running in on-premises data centers, their associated dependencies, and their performance profile in the AWS Management Console.

Amazon WorkMail interoperability with Microsoft Exchange Server now allows you to use a unified global address book. A unified global address book allows all your users to access the same user information, groups, and resources, regardless of which email platform they are part of. With this capability, you can now seamlessly use both Amazon WorkMail and Microsoft Exchange Server in your organization, making it easy to start migrating your email to AWS.

You can now restore AWS Elastic Beanstalk environments that have been terminated. You can restore Elastic Beanstalk environments within 42 days of their termination, and the restored environments will retain the original environment IDs, CNAMEs, application versions, and configuration options.

Amazon QuickSight Enterprise Edition is designed to support fast and easy business analytics that scales across your entire organization. You can now integrate Microsoft Active Directory (AD) with QuickSight’s Enterprise Edition to manage user access to QuickSight, so users can sign-in to QuickSight using their existing corporate credentials. In addition, you can provision and administer users across multiple Active Directories. The Enterprise Edition also provides Encryption at Rest, which adds an additional level of protection to your SPICE (Super-fast, Parallel, In-memory, Calculation Engine) data.

Today, Amazon Cognito adds two features that enable mobile and web app developers to manage users and user permissions. Amazon Cognito Your User Pools now offers groups as an easy way to manage users and their permissions. Developers can create and edit groups and group membership in a user pool through the Amazon Cognito console and APIs. Amazon Cognito also now supports fine-grained role-based access control (RBAC) in Amazon Cognito Federated Identities. Developers can use this feature to assign different IAM roles and permissions to different authenticated users. Developers can have IAM roles set by identity providers, or developers can create rules that map users to roles based on group membership or other user attributes.

Amazon Cognito is now also available in the US East (Ohio) and Asia Pacific (Sydney) regions.

Starting today, the tags you assign to your Amazon WorkSpaces will automatically be applied to the Amazon WorkSpaces Application Manager (WAM) service charges, and any applications deployed to those WorkSpaces using WAM. Tags let you categorize your WorkSpaces and WAM applications so you can easily identify their purpose and track costs accordingly. For example, you could use tags to identify WorkSpaces and WAM applications used by a particular department, project, application, vendor, or use case. With this new capability, you can track WorkSpaces, WAM, and application usage, all by simply assigning tags to your WorkSpaces.

You can now provision Amazon EC2 Dedicated Hosts in the AWS GovCloud (US) Region. Dedicated Hosts are physical servers with EC2 instance capacity fully dedicated for your use. Dedicated Hosts can help you reduce costs by allowing you to use your existing server-bound software licenses, including Windows Server, SQL Server, and SUSE Linux Enterprise Server, and can also help you meet license compliance requirements. For more information on Dedicated Host availability and pricing, visit the Dedicated Hosts pricing page.

AWS Cost Explorer helps you visualize, understand, and manage your AWS costs and usage over time. This is done via an intuitive interface that enables you to quickly create custom reports (including charts and tabular data) that analyze cost and usage data, both at a high level (e.g., total costs and usage across all accounts) and for highly-specific requests (e.g., m2.2xlarge costs within account Y that are tagged “project: secretProject”).

Amazon CloudWatch announces detailed billing to CloudWatch Logs. You can now get usage and cost per log group. You can also add tags on your log groups to get a fine-grained view on cost for logs across business dimension such as cost center, application name, AWS services such as Lambda, CloudTrail, ECS, and other. Up to 50 tags can be added to each log group.

To learn more about this feature, click here. To know more about CloudWatch Logs, visit the CloudWatch Logs product page.

You can now configure your Amazon Kinesis Streams subscription in CloudWatch Logs to evenly distribute log data from a log group to multiple shards. Previously log data from one log stream went to the same shard.

To enable this feature please refer to the documentation here. To know more about CloudWatch Logs, visit the CloudWatch Logs product page.

AWS is excited to announce immediate availability of the new Europe (London) Region. The London Region joins Ireland and Frankfurt as AWS’ third European location, and provides you with a new option for end users and applications benefiting from infrastructure located in Europe. We are now operating sixteen regions worldwide, bringing the total number of AWS Availability Zones to 42, which serve customers from over 190 countries.

The new London Region is currently available for multiple services, including Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage Service (Amazon S3), and Amazon Relational Database Service (Amazon RDS). For a complete list of AWS Regions and services, visit the Global Infrastructure page. London Region pricing is available on the detail page of each service, which you can find through our products & services page.

The Oracle October 2016 Patch Set Updates (PSU) are now available for Amazon RDS for Oracle. To create a new Oracle "11.2.0.4.v10" and "12.1.0.2.v6" DB instance with just a few clicks, use the "Launch DB Instance Wizard" in the AWS Management Console and select the appropriate DB engine version. To upgrade an existing database instance, use the "Modify" option in the AWS Management Console and select the appropriate DB engine version. Before you upgrade a production database instance, we recommend that you test the upgrade process on a snapshot restore of your production DB instance to verify the duration of the upgrade process as well as test your application with the new DB engine version.

Tags can be used to categorize and track your AWS costs, but depend upon you being diligent about applying tags to your resources and making sure that they are enabled for cost allocation. To reduce this overhead, we are introducing an option to automatically mark your resources with the new Resource Created By tag. This tag includes information related to the resource creator depending on the authentication mechanism used, such as Account ID and IAM role. Even though the Resource Created By tag is specific to the Billing & Cost Management console, it functions exactly like the user-defined cost allocation tags within the Detailed Billing Report, Cost & Usage Report, Cost Explorer, and Budgets products.

AWS Elastic Beanstalk has simplified the process of setting up your Elastic Beanstalk environments with AWS X-Ray so you can more easily begin to analyze and debug distributed applications running on Elastic Beanstalk. The X-Ray daemon is now pre-installed on the Elastic Beanstalk platforms for Java, Node.js and .NET, reducing the setup work required to use X-Ray with Elastic Beanstalk.

Today, we are adding new pricing- and reservation-related data to the AWS Cost & Usage Report. In addition to your actual rate for your usage, you will now see the public on-demand rate for that same usage, giving you the ability to easily quantify your savings relative to public on-demand pricing. Additionally, the Cost & Usage Report now contains detailed reservation line items so that you can clearly quantify the costs associated with your reserved resources. These line items include information such as the number of Reserved Instances (“RIs”) purchased under a given subscription, the number of hours reserved under each RI within that subscription, and the total number of reserved hours across all RIs within that subscription.

You can now use the standard Python logging module to log error and warning messages from Amazon Redshift user-defined functions (UDF). You can then query the SVL_UDF_LOG system view to retrieve the messages logged from your UDF’s and troubleshoot your UDF’s easily.

You can now simulate real-world network connections and conditions while testing your Android, iOS, and web apps with AWS Device Farm. Simply specify a network profile when scheduling an automated test run. A number of curated profiles are provided such as "Average 3G" and "Lossy WiFi," or you can create your own. The selected network profile's parameters, which include throughput, delay, jitter, and loss, will be applied to each of your selected device's WiFi connections for the duration of the run.

AWS is excited to announce immediate availability of the new Canada (Central) Region. Canada joins Northern Virginia, Ohio, Oregon, Northern California, and AWS GovCloud as the sixth AWS Region in North America and as the fifteenth worldwide, bringing the total number of AWS Availability Zones to 40 globally.

You can now record configuration changes to your Amazon Redshift clusters with AWS Config. The detailed configuration recorded by AWS Config includes changes made to Amazon Redshift clusters, cluster parameter groups, cluster security groups, cluster snapshots, cluster subnet groups, and event subscriptions. In addition, you can run two new managed Config Rules to check whether your Amazon Redshift clusters have the appropriate configuration and maintenance settings. These checks include verifying that your cluster database is encrypted, logging is enabled, snapshot data retention period is set appropriately, and much more.

All AWS Config Rules customers can now create up to 50 rules in their AWS account by default. Additionally, you can request an increase for the limit on the number of rules in your account by visiting the AWS Service Limits page.

Starting today AWS WAF (Web Application Firewall) is available on the Application Load Balancer (ALB). You can now use AWS WAF directly on Application Load Balancers (both internal and external) in a VPC, to protect your websites and web services. With this launch customers can now use AWS WAF on both Amazon CloudFront and Application Load Balancer.

Amazon GameLift is a fully managed service that makes it simple and cost-effective to deploy, operate, and scale session-based multiplayer game servers in the cloud. GameLift has expanded regional availability to a total of 9 regions: US East (N. Virginia), US West (Oregon), EU Central (Frankfurt), EU West (Ireland), Asia Pacific South (Mumbai), Asia Pacific Northeast (Seoul and Tokyo), Asia Pacific Southeast (Singapore) and South America East (São Paulo). This expansion helps game developers launch game servers closer to their players to provide even lower latency and a better gameplay experience.

Your Amazon RDS for Oracle Database Instance can now send emails using utl_smtp package and communicate with external Web Servers and TCP/IP-based servers using utl_http and utl_tcp packages. To learn more about using this feature, refer to Amazon RDS for Oracle documentation.

The AWS Quick Start for JIRA now includes support for JIRA Service Desk Data Center. You can use the updated Quick Start to deploy one of the following JIRA products on AWS: • JIRA Software Data Center, which is a software development tool that is used by agile teams. This tool helps development teams create and estimate projects, build a sprint backlog, identify team commitments and velocity, visualize team activity, and report on progress. • JIRA Service Desk Data Center, which provides IT service management software with high availability and performance at scale on AWS. JIRA Service Desk is easy to use, simple to set up, and has everything you need for IT support and customer service. Teams can link JIRA Service Desk tickets to JIRA Software issues and keep development and IT connected for fast issue resolution.

As part of AWS’ continued focus on security of information, DMS now supports SSL enabled endpoints for Oracle database engines. This is an addition to our existing support for SQL Server, PostgreSQL, Amazon Aurora, MySQL, and MariaDB. Coupled with the existing encryption offered by a VPN or AWS Direct Connect, customers can provide security for their data.

You can now use AWS Config to record configuration changes to software on your EC2 instances as well as virtual machines (VMs) or servers in your on-premises environment. Through AWS Config integration with Amazon EC2 Systems Manager, you gain visibility into Operating System configurations, system-level updates, installed applications, network configuration and more. AWS Config provides a history of OS and system-level configuration changes that you can use for assessing security risks, troubleshooting, tracking license usage, etc.

Amazon AppStream 2.0 is now generally available. AppStream 2.0 is a fully managed, secure application streaming service that allows you to stream desktop applications from AWS to any device, without rewriting them. AppStream 2.0 provides users with instant-on access to the applications they need, and a responsive, fluid user experience running in an HTML5 web browser.

AWS Step Functions makes it easy to coordinate the components of distributed applications and microservices using visual workflows. Building applications from individual components that each perform a discrete function lets you scale and change applications quickly. Step Functions is a reliable way to coordinate components and step through the functions of your application. Step Functions provides a graphical console to arrange and visualize the components of your application as a series of steps. This makes it simple to build and run multi-step applications. Step Functions automatically triggers and tracks each step, and retries when there are errors, so your application executes in order and as expected. Step Functions logs the state of each step, so when things do go wrong, you can diagnose and debug problems quickly. You can change and add steps without even writing code, so you can easily evolve your application and innovate faster.

AWS Shield is a managed DDoS protection service that protects your web applications on AWS from DDoS attacks. AWS Shield Standard is available to all AWS customers at no additional cost, and protects your applications from the most common, frequently occurring DDoS attacks. If you need a higher level of protection against large and sophisticated attacks, you can subscribe to AWS Shield Advanced to protect your applications on Elastic Load Balancing, Amazon CloudFront and Amazon Route 53. With AWS Shield Advanced, you also get access to AWS WAF at no additional cost, giving you the flexibility to write customized mitigations against application layer attacks. AWS Shield Advanced also provides 24X7 access to the DDoS Response Team (DRT) who can apply custom mitigations on your behalf and DDoS Cost Protection, to protect your AWS bill against usage fee surges during mitigation of a DDoS attack.

Lambda@Edge, now in Preview, allows you to write functions deployed to the AWS network of Edge locations in response to CloudFront. This new feature allows you to customize or personalize content for your end users close to where they’re located, minimizing network latency. For instance, you can modify HTTP headers to personalize your application for each user, implement custom authentication or encryption logic right at the edge, detect and group users by device, support legacy devices by reformatting content on the viewer response, and much more.

AWS Glue is a fully managed ETL service that makes it easy to move data between your data stores. AWS Glue simplifies and automates the difficult and time consuming data discovery, conversion, mapping, and job scheduling tasks. AWS Glue guides you through the process of moving your data with an easy to use console that helps you understand your data sources, prepare the data for analytics, and load it reliably from data sources to destinations.

Amazon Pinpoint makes it easy to run targeted campaigns to drive user engagement in mobile apps. Amazon Pinpoint helps you understand user behavior, define which users to target, determine which messages to send, schedule the best time to deliver the messages, and then track the results of your campaign.

EC2 instances in Amazon Virtual Private Cloud (VPC) now offer native support for the IPv6 protocol. IPv6 can be enabled for existing and new VPCs through the AWS management console, API/SDK and CLI. Customers can use IPv6 on EC2 instances to access Internet resources as well as on-premise applications using Direct Connect. This enables numerous use cases such as hosting public services and meeting IPv6 compliance requirements.

AWS OpsWorks has introduced a new offering, AWS OpsWorks for Chef Automate. OpsWorks for Chef Automate provides a fully managed Chef server and suite of automation tools that give you workflow automation for continuous deployment, automated testing for compliance and security, and a user interface that gives you visibility into your nodes and their status. The Chef server gives you full stack automation by handling operational tasks such as software and operating system configurations, package installations, database setups, and more. The Chef server centrally stores your configuration tasks and provides them to each node in your compute environment at any scale, from a few nodes to thousands of nodes. OpsWorks for Chef Automate is completely compatible with tooling and cookbooks from the Chef community and automatically registers new nodes with your Chef server.

You can now add documentation to your methods and resources for your APIs built using Amazon API Gateway, making it easy for your API consumers to understand your API. You can add documentation for your API directly using the API Gateway console, CLI, and SDK, or simply specify it using documentation tags within the Swagger definition for the API. You can also reuse documentation across common aspects of your API. For example, you can author standard error documentation just one time, and use it in multiple API responses as without duplicating the actual content, making it faster to document your APIs and eliminating “copy-paste” errors that can arise with duplicated strings. Once your documentation is published as part of an API stage, you can export it using the Swagger export feature and make it available in your developer portal.

AWS CodeBuild is a fully managed build service that compiles source code, runs tests, and produces software packages that are ready to deploy. With CodeBuild, you don’t need to provision, manage, and scale your own build servers. CodeBuild scales continuously and processes multiple builds concurrently, so your builds are not left waiting in a queue. You can get started quickly by using prepackaged build environments, or you can create custom build environments that use your own build tools. With CodeBuild, you are charged by the minute for the compute resources you use.

You can now configure a dead letter queue (DLQ) on AWS Lambda to give you more control over message handling for all asynchronous invocations, including those delivered via AWS events (S3, SNS, IoT, etc). You can setup a DLQ by configuring the 'DeadLetterConfig' property when creating or updating your Lambda function. You can provide an SQS queue or an SNS topic as the 'TargetArn' for your DLQ, and AWS Lambda will write the event object invoking the Lambda function to this endpoint after the standard retry policy (2 additional retries on failure) is exhausted.

AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors. X-Ray provides an end-to-end view of requests as they travel through your application, and shows a map of your application’s underlying components. You can use X-Ray to analyze both applications in development and in production, from simple three-tier applications to complex microservices applications consisting of thousands of services.

AWS Batch enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS. AWS Batch dynamically provisions the optimal quantity and type of compute resources (e.g., CPU or memory optimized instances) based on the volume and specific resource requirements of the batch jobs submitted. With AWS Batch, there is no need to install and manage batch computing software or server clusters that run your jobs, allowing you to focus on analyzing results and solving problems. AWS Batch plans, schedules, and executes your batch computing workloads across the full range of AWS compute services and features, such as Amazon EC2 and Spot Instances.

Blox is a collection of open source projects for container management and orchestration on Amazon ECS. Blox gives you more control over how your containerized applications run on Amazon ECS, and it enables you to build schedulers and integrate third-party schedulers on top of ECS, while leveraging Amazon ECS to fully manage and scale your clusters.

You can now receive notification and remediation guidance when AWS is experiencing events that may impact you. Available to all AWS customers, AWS Personal Health Dashboard provides a personalized view into the performance and availability of the AWS services you are using, as well as alerts that are automatically triggered by changes in the health of those services.

Amazon EC2 Systems Manager is a management service that helps you automatically collect software inventory, apply Windows OS patches, create system images, and configure Windows and Linux operating systems. These capabilities help you define and track system configurations, prevent drift, and maintain software compliance. Accomplishing these tasks across hybrid cloud architectures is often complex, time consuming, and costly because existing management tools typically provide limited automation support, require specialized infrastructure, and have complex licensing requirements. By providing a management approach that is designed for the scale and agility of the cloud but extends into your on-premises data center, EC2 Systems Manager makes it easier for you to seamlessly bridge your existing infrastructure with AWS.

Amazon Rekognition is a service that makes it easy to add image analysis to your applications. With Rekognition, you can detect objects, scenes, and faces in images. You can also search and compare faces. Rekognition’s API lets you easily build powerful visual search and discovery into your applications. With Amazon Rekognition, you only pay for the images you analyze and the face metadata you store. There are no minimum fees and there are no upfront commitments.

Amazon Polly is a service that turns text into lifelike speech. Polly lets you create applications that talk, enabling you to build entirely new categories of speech-enabled products. Polly is an Amazon AI service that uses advanced deep learning technologies to synthesize speech that sounds like a human voice. Polly includes 47 lifelike voices spread across 24 languages, so you can select the ideal voice and build speech-enabled applications that work in many different countries. With Polly, you only pay for the number of characters you convert to speech, and you can save and replay Polly’s generated speech. Polly’s low cost per character converted, and lack of restrictions on storage and reuse of voice output, make it a cost-effective way to enable Text-to-Speech everywhere.

AWS Greengrass is software that lets you run local compute, messaging & data caching for connected devices in a secure way. With AWS Greengrass, connected devices can run AWS Lambda functions, keep device data in sync, and communicate with other devices securely – even when not connected to the Internet. Using AWS Lambda, Greengrass ensures your IoT devices can respond quickly to local events, operate with intermittent connections, and minimize the cost of transmitting IoT data to the cloud.

Today, we’re adding PostgreSQL compatibility to Amazon Aurora. With Amazon Aurora’s new PostgreSQL support, customers can get up to several times better performance than the typical PostgreSQL database and take advantage of the scalability, durability, and security capabilities of Amazon Aurora – all for one-tenth the cost of commercial grade databases. Read more about Amazon Aurora with PostgreSQL compatibility in the AWS Blog.

AWS Mobile Hub now includes an integration with Amazon Lex, so you can build mobile apps that use speech and text, in addition to touch to your mobile app. This lets you use the technology that powers Amazon Alexa to create engaging speech- and text-based conversational bots in your own app. Each bot you create with Mobile Hub uses Amazon Lex to recognize the intent of natural language input and triggers appropriate business functions. You can create engaging conversational experiences for common app scenarios such as booking tickets, ordering products, logging tickets with customer support, querying an internal IT helpdesk system, and more.

Today, we announced the general availability of Amazon Athena, a serverless query service that makes it easy to analyze data directly in Amazon S3 using standard SQL. With a few clicks in the AWS Management Console, customers can point Athena at their data stored in S3 and begin using standard SQL to run ad-hoc queries and get results in seconds. With Athena, there are no clusters to manage and tune, there is no infrastructure to setup, and customers pay only for the queries they run. Athena scales automatically – executing queries in parallel – so results are fast, even with large datasets and complex queries.

Today we announce the newest member of the AWS Compute family - Amazon Lightsail. Lightsail is designed to be the easiest way to launch and manage a virtual private server with AWS. Lightsail plans include everything you need to jumpstart your project – a virtual machine, SSD-based storage, data transfer, DNS management, and a static IP – for a low, predictable price.

Amazon Elastic File System (Amazon EFS), which provides simple and scalable file storage for use with Amazon EC2 instances in the AWS Cloud, now allows you to access your file data from on-premises datacenters. On-premises servers can now move file data to and from your Amazon EFS file systems when connected to your Amazon VPC with AWS Direct Connect, allowing you to migrate data sets to EFS, enable cloud bursting scenarios, or backup your on-premises data to EFS.

Today, we are pleased to announce that Amazon CloudFront has added a new type of edge location called Regional Edge Cache that further improves performance for your viewers. Regional Edge Caches, in addition to improving performance, also help reduce the load on your origin resources, minimizing operational burden associated with scaling your origin and reducing your origin costs. Regional Edge Caches are turned on by default for your CloudFront distributions; you do not need to make any changes to your distributions to take advantage of this feature. There are also no additional charges to use this feature.

Amazon EC2 F1 is a compute instance with field programmable gate arrays (FPGAs) that you can program to create custom hardware accelerations for your application. F1 instances are easy to program and come with everything you need to develop, simulate, debug, and compile your hardware acceleration code, including an FPGA Developer AMI and Hardware Developer Kit (HDK). Once your FPGA design is complete, you can register it as an Amazon FPGA Image (AFI), and deploy it to your F1 instance in just a few clicks. You can reuse your AFIs as many times, and across as many F1 instances as you like. You can offer AFIs you develop on the AWS Marketplace for other customers to purchase.

In May, we officially launched the AWS IoT Button and were overwhelmed by the support the button received from the developer community. We listened to your suggestions and are pleased to announce an improved developer experience for the AWS IoT Button.

Amazon EC2 C5 instances are the most powerful Compute Optimized instances and the best price to compute performance in EC2. C5 is the first AWS cloud instance based on Intel’s next-generation Skylake Xeon® processors. They are ideal for compute-intensive workloads like ad serving, scientific modeling, 3D rendering, cluster computing, machine learning inference, and distributed analytics.

Amazon EC2 Elastic GPUs allow you to easily attach low-cost graphics acceleration to current generation EC2 instances. With Elastic GPUs, you choose the GPU resources that are sized for your workload, so you can accelerate the graphics performance of your applications for a fraction of the cost of stand-alone graphics instances. Elastic GPUs are ideal If you need a small amount of GPU for graphics acceleration, or have applications that could benefit from some GPU, but also require high amounts of compute, memory, or storage.

Amazon Lex is a service for building conversational interfaces into any application using voice and text. Lex provides the advanced deep learning functionalities of automatic speech recognition (ASR) for converting speech to text, and natural language understanding (NLU) to recognize the intent of the text, to enable you to build applications with highly engaging user experiences and lifelike conversational interactions. With Amazon Lex, the same deep learning technologies that power Amazon Alexa are now available to any developer, enabling you to quickly and easily build sophisticated, natural language, conversational bots (“chatbots”).

AWS Snowmobile is an exabyte-scale data transfer service that can move extremely large amounts of data to AWS in a fast, secure, and cost-effective manner. You can transfer up to 100PB per Snowmobile, a 45-foot long ruggedized shipping container, pulled by a semi-trailer truck. Snowmobile makes it easy to move massive volumes of data to the cloud, including video libraries, image repositories, or even a complete data center migration. All data is encrypted with 256-bit encryption and you can manage your encryption keys with AWS Key Management Service (AWS KMS). Snowmobile includes GPS tracking, alarm monitoring, 24/7 video surveillance and an optional escort security vehicle while in transit.

AWS Snowball Edge is a 100TB data transfer device with on-board storage and compute. You can use Snowball Edge to move large amounts of data into and out of AWS, as a temporary storage tier for large local data sets, or to support independent local workloads in remote locations.

The AWS IoT Button Enterprise Program is designed for businesses to expand their existing applications or build new applications that connect to a simple IoT button device. It enables businesses to offer new services or improve existing products using the click of a physical button to trigger services in the cloud.

You can now launch the t2.xlarge and t2.2xlarge, the newest Amazon EC2 burstable-performance instances. The t2.xlarge features 16 GiB of memory and 4 vCPU, and the t2.2xlarge features 32 GiB of memory and 8 vCPU. These two new instances provide burstable-performance options for larger workloads. As with other T2 instances, t2.xlarge and t2.2xlarge are well suited for workloads that require a consistent baseline performance with the ability to burst. T2 instances are backed by Intel Xeon processors with clock speeds up to 3.3 GHz.

AWS has expanded its HIPAA compliance program to include Amazon Aurora and Amazon RDS for PostgreSQL. You can now use Amazon Aurora or RDS for PostgreSQL databases to build your HIPAA-compliant applications and store healthcare related information, including protected health information (PHI) under an executed Business Associate Agreement (BAA) with AWS.

Amazon WorkSpaces now offers bundles that come with a Windows 10 desktop experience, powered by Windows Server 2016. Amazon WorkSpaces Windows 10 bundles provides you an easy way to move users to a modern operating system, while also simplifying licensing. Amazon WorkSpaces continues to offer bundles that come with a Windows 7 desktop experience, provided by Windows Server 2008 R2. You can also run Windows 7 and Windows 10 Enterprise operating systems with Amazon WorkSpaces if your organization meets the licensing requirements set by Microsoft.

Effective December 1, 2016, we’re updating pricing for AWS Storage Gateway, making it more cost-effective to adopt cloud storage for your on-premises applications. There will be 3 changes to pricing: storage prices for volume and virtual tapes will be reduced; the monthly gateway fee will be replaced with pricing based on the amount of data you write to AWS; and virtual tape retrieval will be simplified, moving from rate-based fees to per GB pricing.

AWS Organizations makes it easier for IT teams to manage multiple AWS accounts. You can use Organizations to create groups of AWS accounts, and then apply policies to these groups to help centrally manage security and automation settings.

AWS Competency Program & Financial Services Partners The AWS Partner Network (APN) is thrilled to announce the launch of the new AWS Financial Services Competency. The AWS Competency Program is designed to highlight APN Partners who have demonstrated industry expertise, readily implemented solutions that align with AWS architectural best practices, and have staff with AWS-certifications.

Today, the AWS Partner Network (APN) team announced the launch of the AWS Service Delivery Program, a new program to help AWS customers quickly locate APN Partners who have proven expertise delivering specific AWS services such as Amazon Aurora, or AWS Lambda. Attaining an AWS Service Delivery Distinction allows APN Partners to differentiate themselves by showcasing to AWS customers areas of specialization.

The AWS Partner Network (APN) is making it easier to explore the APN Partner ecosystem by launching a new site called the AWS Partner Solutions Finder. Visit the AWS Partner Solutions Finder to discover APN Partners by Use Case, Industry, Product, or Location. Interested in learning more about a specific APN Partner? You can now search APN Partners of any tier within the APN. The Partner Solutions Finder gives you more visibility into APN Partners who are members of APN Programs including the AWS Competency, Service Delivery, and Managed Service Provider Programs. The new Partner Profile pages offer a new user experience that enables you to explore APN Partners either at a glance, or in detail. On the Partner Profile page, you can view the APN Partner’s skillset (validated by AWS), partner solutions and/or AWS-created case studies, and office locations. How can you engage with an APN Partner you identify through the Partner Solutions Finder? Simply click “connect” on the Partner Profile page, and the APN Partner will receive your inquiry.

AWS Competency Program & IoT Partners The AWS Partner Network (APN) is thrilled to announce the launch of the new AWS IoT Competency. The AWS Competency Program is designed to highlight APN Partners who have demonstrated technical proficiency and proven customer success in specialized solution areas and categories.

Starting today you can launch t2.medium instances when using Amazon Aurora in addition to the R3 class instances previously available. Using t2.medium instances of Amazon Aurora will be a cost effective option for your smaller workloads like dev/test, still giving you the option to use larger R3 class instances for production deployment.

You can now use Managed Updates for your single-instance environments in AWS Elastic Beanstalk. With Managed Updates, Elastic Beanstalk automatically updates your environment to the latest version of the underlying platform running your application during specified maintenance windows. Previously, you could only use Managed Updates for Load Balanced, auto scaling environments. To get started, you must enable Managed Updates using the Elastic Beanstalk console, EB CLI, or API.

Today we released updated English-language versions of AWS Business Professional and AWS Technical Professional, free and online accreditation courses designed to help APN Partners articulate the benefits of AWS solutions and services. Both courses are available at no cost to APN Partners via the APN Portal and count toward APN tier requirements that help Partners advance. The 2016 English versions of each course add coverage of key new AWS services and features. For more information, visit Partner Training & Certification.

We are pleased to announce support for request tracing, a unique identifier appended to the HTTP header of each request processed by an Application Load Balancer. This allows for each request to be uniquely identified, providing improved monitoring and request-level diagnostics.

Today, Amazon WorkDocs released three updates. First, Amazon WorkDocs users will now have a storage quota of 1 TB, increased from 200 GB, at no additional charge. The new storage quota applies to new and existing customers, and for Amazon WorkSpaces and Amazon WorkMail customers purchasing Amazon WorkDocs at the discounted rate. You can purchase additional storage at the rates published here.

AWS CloudFormation now publishes a machine-readable specification of the AWS resources and properties it supports. The CloudFormation resource specification file is a JSON-formatted text file that can aid you in template authoring and validation. Visit here to learn more.

Announcing the new AWS IoT console. We have redesigned the AWS IoT management console to make it even easier to use. The management console is the primary tool for interacting with and monitoring AWS IoT. This includes connecting your devices, diving into thing details, finding key resources, and testing with the MQTT client.

Amazon ECS now sends container instance and task state changes to CloudWatch Events. In the past, in order to obtain updates on the state of a running Amazon ECS cluster, customers have had to rely on periodically polling the state of container instances and tasks using the AWS CLI or an SDK. With the new Amazon ECS event stream feature, it is now possible to retrieve near real-time, event-driven updates on the state of your Amazon ECS tasks and container instances. Events are delivered through Amazon CloudWatch Events, and can be routed to any valid CloudWatch Events target, such as an AWS Lambda function or an Amazon SNS topic.

Amazon WorkMail now offers SMTP journaling, which allows you to record all email communication sent or received by your Amazon WorkMail organization. By enabling journaling, you can integrate with third party compliance solutions for email archiving and e-discovery, allowing you to meet your data security and information protection policies.

AWS CloudTrail now supports Amazon S3 Data Events. You can now record all API actions on S3 Objects and receive detailed information such as the AWS account of the caller, IAM user role of the caller, time of the API call, IP address of the API, and other details. All events are delivered to a S3 bucket and CloudWatch Events, allowing you to take programmatic actions on the events. For example, if the Access Control Lists (ACLs) of an object are modified, you can quickly reapply the original ACLs on that object.

You now have two new options to retrieve data from Amazon Glacier that allows you to access all the archives you need, when you need them, and for a simple, low price. Starting today, you can use Expedited retrievals to access data in 1 – 5 minutes for a flat rate of $0.03 per GB retrieved. Expedited retrievals allow you to quickly access your data when occasional urgent requests for a subset of archives are required. And when you have large amounts of data to retrieve, even petabytes, you can use Bulk retrievals to access your data in approximately 5 – 12 hours for a flat rate of just $0.0025 per GB retrieved. Bulk retrievals allow you to cost-effectively access significant portions of your data for things like big data analytics and media transcoding.

You can now use Amazon S3 as a data store for Apache HBase on Amazon EMR using the EMR File System. Apache HBase is a distributed, non-relational database built for random, strictly consistent realtime access for tables with billions of rows and millions of columns. By using Amazon S3 as a data store for Apache HBase, you can separate your cluster’s storage and compute nodes. This enables you to save costs by sizing your cluster for your compute requirements instead of paying to store your entire dataset with 3x replication in the on-cluster Hadoop Distributed File System (HDFS).

Today, AWS announced that we are collapsing Amazon S3 price tiers and reducing storage prices across Amazon S3 and Amazon Glacier. We will collapse the number of Amazon S3 price tiers from six to three – 0-50 TB; 50 TB-500 TB; and 500+ TB – making it easier to understand your bill and project future costs. We will also reduce Amazon S3 and Amazon Glacier storage prices by more than 20% in most regions. Together, these changes will help AWS customers even further reduce their cost of storage while still enjoying the simplicity, durability, and massive scalability of Amazon’s object storage services.

AWS customers will see the effect of these prices in their billing effective December 1, 2016. Check out the AWS blog for further detail.

We are excited to announce that Amazon Route 53 health checks now support endpoints with Internet Protocol Version 6 (IPv6) addresses. Last month, Amazon Route 53 began rolling out support for DNS queries over IPv6. With today’s release, customers can now use Amazon Route 53 health checks to monitor resources with IPv6 addresses.

We are reducing the base price of CloudWatch Metrics from $0.50 per metric per month to $0.30 per metric per month, a 40% reduction in price. In addition, we are introducing new volume-based tiered pricing with even lower prices per metric, with savings up to 96%. These will take effect in all regions beginning December 1, 2016.

You can now access your Amazon WorkSpaces through Chrome and Firefox web browsers, using a new feature called Amazon WorkSpaces Web Access. Web Access establishes a secure connection to your Amazon WorkSpace from the browser, giving you safe access to your cloud desktop from almost anywhere you can connect to the public internet, all without having to install a client.

You can now provision and manage resources for AWS Lambda-based applications using AWS CloudFormation and the AWS Serverless Application Model (AWS SAM). SAM helps you more effectively model, package, and deploy “serverless” applications which use services like AWS Lambda, Amazon DynamoDB, and Amazon API Gateway. SAM is a specification for describing Lambda-based applications and offers a syntax designed specifically for expressing serverless resources. Learn more about SAM here.

You can now set environment variables for your Lambda functions, making it easy for you to configure your code for development, test, and production without having to change the function’s implementation. You can provide key-value pairs as part of your function configuration and access them easily within your function code at execution time simply by reading environment variables. You can easily create and modify environment variables from the AWS Lambda Console, CLI or SDKs.

You can now create configurable, rule-based events for notifications and automated actions based on AWS Trusted Advisor’s library of best-practice checks using Amazon CloudWatch Events. With this new integration, you can now more easily build workflows and processes that are triggered by the status of individual Trusted Advisor checks.

These latest Quick Starts automatically deploy two products from Informatica, Big Data Management and PowerCenter, on the AWS Cloud. Informatica is an advanced AWS technology partner that provides data integration software and services. The Quick Starts were created by AWS solutions architects in collaboration with the Informatica Big Data Management and PowerCenter teams, to integrate solutions and services from both companies.

Amazon GameLift is a fully managed service that makes it simple and cost-effective to deploy, operate, and scale session-based multiplayer game servers in the cloud. GameLift has launched a new feature, remote instance access. This feature enables game developers to access fleets and instances in real time to debug their game or better understand player behavior.

You can now use Amazon Elastic Transcoder to stitch together two or more input clips to create a longer clip in the desired output format(s). You can do this by specifying multiple inputs when creating a transcode job on Amazon Elastic Transcoder. Clips are stitched together in the order that they are specified in the job request. For each input, you can specify a Start Time and a Duration, which allows you to stitch together only the parts of each input that you want included in the output. You can leverage clip stitching to create highlight clips or add bumpers and trailers to your videos as part of the transcode process.

We are pleased to announce that the AWS Schema Conversion Tool (SCT) has added two more data warehouses as sources for schema conversion. SCT can now convert Netezza and Greenplum data warehouse schemas to their equivalent in Amazon Redshift giving you the flexibility to move AWS’ fast, fully-managed, petabyte-scale data warehouse.

Amazon CloudWatch announces the availability of two new Dashboards widgets that provides additional data visualization options for CloudWatch Metrics. The Number widget is a view of the latest data-point of the metric giving customers a “glance-able” update to understand the state of a resource. The Stacked area graph widget helps customers visualize the contribution of individual metrics and their impact in totality.

The Amazon WorkDocs Administrative SDK allows you to integrate your applications with Amazon WorkDocs. By using the Administrative SDK, you can perform content and permissions updates, and manage users, programmatically. This means your content management, content migration, virus-scanning, data loss prevention (DLP), and eDiscovery apps can now also work with content stored on Amazon WorkDocs.

You can now use Amazon Simple Queue Service (SQS) for applications that require messages to be processed in a strict sequence and exactly once using First-in, First-out (FIFO) queues. FIFO queues are designed to ensure that the order in which messages are sent and received is strictly preserved and that each message is processed exactly once.

Starting today, IT Administrators, IT Asset managers and Central Cloud teams can integrate with AWS Service Catalog administrator actions using the AWS API and CLI. Previously, you could setup AWS Service Catalog products and portfolios only through the AWS Management Console. Now you can automate call patterns, or integrate with your private console or ITIL management tool. Additionally, we are announcing AWS Service Catalog APIs and admin console now support AWS CloudTrail logging.

You can use AWS Identity and Access Management (IAM) roles and AWS Security Token Service (STS) to set up cross-account access between AWS accounts. When you assume an IAM role in another AWS account to obtain cross-account access to services and resources in that account, AWS CloudTrail logs the cross-account activity. Starting today, CloudTrail logs AssumeRole calls in the role-owning account (the account being accessed), including the unique ID of the IAM entity (a user or role) assuming the role in the account being accessed. This additional information helps you identify the entity that requested cross-account access and then trace its subsequent cross-account activity.

Today, we updated the AWS Identity and Access Management (IAM) console to make it easier for you to create and manage your IAM users. These improvements include an updated user creation workflow and new ways to assign and manage permissions. The new user workflow guides you through the process of setting user details, including enabling programmatic access (via access key) and console access (via password). In addition, you can assign permissions by adding users to a group, copying permissions from an existing user, and attaching policies directly to users. We also introduced 10 new AWS managed policies that align with common job functions in organizations that you can use to assign permissions. Finally, we updated the tools to view details and manage permissions for existing users.

AWS Marketplace, which lists over 3,500 software listings from popular software vendors across 35 product categories, has announced that customers can now subscribe to Software-as-a-Service (SaaS) and Application Programming Interface (API) products directly through AWS Marketplace with SaaS Subscriptions. With this feature, customers consume software directly through an API or web browser and sellers manage and update the product. Customers can now subscribe to SaaS and API products through AWS Marketplace and pay on an existing AWS bill. Following the launch of SaaS Subscriptions on AWS Marketplace, customers will be able to choose from more products than ever before and sellers will have greater access to the AWS customer base.

Amazon Kinesis Streams enables you to capture, store, and analyze terabytes of data per hour from clickstreams, financial transactions, social media feeds, and more. Starting today, you can use the new UpdateShardCount feature in the AWS Management console or AWS CLI to to scale your streams up and down automatically to match your data volume and processing needs in real time. For example, you can call UpdateShardCount from an AWS Lambda function to automatically scale the shard capacity in your stream in response to an Amazon CloudWatch alarm or Amazon CloudWatch metric. For more information, see UpdateShardCount in the Amazon Kinesis Streams Service API Reference.

You can now use Amazon Route 53, AWS's highly available and scalable DNS service, to easily manage association of Amazon VPCs and private hosted zones that you create with different AWS accounts with the same simplicity, security, and effectiveness that Route 53 already provides for VPC to Private Hosted Zone association. You can use the Route 53 Private DNS to manage authoritative DNS within your Virtual Private Clouds (VPCs), so you can use custom domain names for your internal AWS resources belonging to different accounts without exposing DNS data to the public Internet. This gives you greater leverage to manage your security and account pairing more effectively via self-service. Earlier this was only possible via engaging support.

Today we announced the availability of Amazon WorkSpaces Graphics bundles. These new bundles offer a virtual cloud desktop which includes a high-end GPU that supports engineering, design, and architectural applications. Amazon WorkSpaces Graphics bundles apply the same benefits of security, economics, flexibility, and agility to a graphics-capable desktop running on the AWS cloud. In addition, if you are already using the AWS cloud to run simulations on large datasets, using Amazon WorkSpace Graphics bundles for visualization of simulation results offers a faster end user experience because your apps stay close to your data. Amazon WorkSpaces Graphics bundles allow you to run high-end graphics applications on low-cost hardware, which means you can do away with expensive physical workstations and save money.

Amazon QuickSight is now generally available for all customers. At 1/10th the cost of traditional BI solutions, QuickSight is a fast, cloud-powered business analytics service that makes it easy for you to build visualizations, perform ad-hoc analysis, and quickly get business insights from your data. You can upload Excel files, connect to databases like SQLServer, MySQL or PostgreSQL, in the cloud or on-premises; access third-party applications, like Salesforce; or analyze data from other AWS services such as Amazon RDS, Amazon Redshift and Amazon S3. QuickSight’s power stems from its Super-fast, Parallel, In-memory, Calculation, Engine (SPICE), which delivers fast and responsive query performance and scales to hundreds of thousands of users. Once you’ve built your analysis or dashboard, you can access QuickSight via your web browser or your iOS mobile app and securely share your insights with colleagues and stakeholders.

These two new Quick Starts automatically deploy Consul and Vault, which are two popular DevOps tools from HashiCorp, Inc., on the AWS Cloud. The Quick Starts were created by AWS solutions architects in collaboration with HashiCorp, to integrate solutions and services from both companies.

Now, you can run more applications with AWS Directory Service for Microsoft Active Directory (Enterprise Edition) directory, also known as Microsoft AD, when the applications require extensions to your Active Directory (AD) schema. Today, we have added the ability for you to extend the schema of your Microsoft AD directory. Extending the schema allows you to add new attributes and object classes to your Microsoft AD that are required by your applications and that are not present in the core Microsoft AD classes and attributes.

AWS IoT now supports Simplified Permission Management. This feature allows you to easily manage permission policies for a large number of devices by using variables that reference the Device Registry or X.509 certificate properties. The integration of Device Registry and Certificate properties with device policies offers the following benefits:

1. You can now reference Registry properties in device permission policies.

Referencing device properties defined in the Device Registry allows your policies to reflect any changes made in the Device Registry. For example, referencing the Thing Attribute “building-address” as a variable in the policy, devices will automatically inherit a new set of permissions when they move buildings.

2. You can share a single generic policy for multiple devices.

A generic policy can be shared among the same category of devices instead of creating a unique policy per device. For example, a policy that references the “serial-number” as a variable, can be attached to all the devices of the same model. When devices of the same model connect, policy variables will be automatically substituted by their serial-number.

Starting today, you can monitor and automate action on your Amazon EBS snapshots using Amazon CloudWatch Events. CloudWatch Events provide a stream of events describing changes to your AWS resources. EBS CloudWatch Events fire when a snapshot completes or when a snapshot has been shared with you. This allows you to automate and streamline your data backup workflows by eliminating the need to poll the snapshot API to track snapshot status. You can also better adhere to best practices for multi-region disaster recovery by automating the copy of snapshots across regions upon snapshot completion. We will continue to add support for additional snapshot and volume events in future releases.

AWS has expanded its HIPAA compliance program to include AWS Snowball. With the addition of Snowball, you can now transfer large amounts of data, including Protected Health Information (PHI), into and out of AWS in a secure and cost-effective manner. Snowball addresses common challenges with large-scale data transfers, such as high network costs, long transfer times, and security concerns. Using Snowball to migrate data to AWS is a simple first step towards leveraging a full suite of HIPAA-eligible, cloud-based services for data lifecycle management, such as S3, Glacier, database services, and a managed Big Data platform. Read our whitepaper to learn more on how to configure AWS services to support your HIPAA applications.

We are excited to announce a new edge location in Tokyo, Japan for Amazon CloudFront. This is the third edge location for Tokyo and fourth in Japan which brings the total number of worldwide edge locations to 64.

Amazon RDS for PostgreSQL now supports the next major release of the PostgreSQL open source database, version 9.6.1. New features include parallel query, phrase search, and improvements to performance and usability. With this release, Amazon RDS for PostgreSQL also supports the bloom and pg_visibility extensions.

You can now monitor the burst-bucket performance and ensure you have the right volume size for Amazon EBS General Purpose SSD (gp2) volumes using Amazon CloudWatch. Amazon EBS gp2 volumes have the ability to burst to 3,000 IOPS for extended periods of time for workloads that need to burst beyond the baseline performance. Amazon EBS now publishes the Burst Balance metric into Amazon CloudWatch for all gp2 volumes. The vast majority of customers have sufficient burst for their workloads. However, if visibility into the Burst Balance is desired, you now have the ability to monitor and take appropriate action. You can automate Burst Balance monitoring by creating a CloudWatch alarm that notifies you when the Burst Balance falls below a user-specified threshold.

Amazon CloudWatch announces the availability of “Metrics to Logs” - a feature that helps customers pivot from a high level view of system or application behavior in a graph to the specific log events that caused the behavior. This complements the existing ability to extract aggregated metrics using metric filter patterns from log data as it streams through the CloudWatch services. Metrics created using metric filter patterns now have a View Logs option that help customers navigate to the associated logs groups from a graph to a chosen time stamp. This unifies the Logs and Metrics experiences to help customers solve problems faster.

You can now apply continuous delivery practices to your AWS CloudFormation stacks using AWS CodePipeline. AWS CodePipeline is a continuous delivery service for fast and reliable application and infrastructure updates. CodePipeline builds, tests, and deploys your code every time there is a code change, based on the release process models you define.

You can now choose AWS CloudFormation as a deployment action in your release workflows built using AWS CodePipeline. This allows you to build, test, and deploy AWS infrastructure changes modeled as CloudFormation templates. CloudFormation gives developers and systems administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion.

AWS Directory Service for Microsoft Active Directory (Enterprise Edition), also known as Microsoft AD, is now available in the US East (Ohio) Region. This makes it possible for you to use an AWS fully managed Active Directory in the cloud. Among the use cases supported by Microsoft AD, you can:

Amazon Simple Email Service (Amazon SES) now enables you to track your bounce, complaint, sent, and rejected email metrics with fine-grained granularity. Previously, Amazon SES provided your email sending metrics at an AWS account level. Now, you can access your metrics based on characteristics you define. For example, you can track metrics for a particular email campaign, a particular subset of recipients, or whatever aspect of email sending is important to your business operations and analytics. You can choose to publish the metrics to either Amazon CloudWatch or Amazon Kinesis Firehose.

We are pleased to announce we have added HP Data Protector 9.07 to the AWS Storage Gateway-Virtual Tape Library (VTL) compatibility list. You can backup and archive from HP Data Protector using Gateway-VTL to scalable, cost-effective, secure Amazon S3 and Amazon Glacier.

Today, AWS Marketplace, which offers more than 2,700 software listings from more than 925 independent software vendors, announced Product Support Connection (PSC), a new program that lets AWS Marketplace customers share contact details with software vendors through the AWS Marketplace web site to access and receive timely, more seamless product support. For products that support PSC, AWS Marketplace customers can choose to share contact details such as name, telephone number, organization, and email address with the vendor during or after a product subscription.

We’re announcing the availability of an Amazon Linux container image through Amazon EC2 Container Registry (Amazon ECR) and Docker Hub. The Amazon Linux container image is built from the same software components included in the Amazon Linux AMI, but is now publicly available for use in any environment as a base image for Docker workloads. We’re excited to be able to provide the security and performance of the Amazon Linux AMI to applications that run in containers.

CloudWatch announces the extension of metric retention from 14 days to 15 months, free of charge. CloudWatch has already stored at least 3 months of all existing metrics, which customers can begin using immediately to analyze seasonality, monthly trends and in the future, year-over-year comparisons and forecasts.

AWS Elastic Beanstalk now supports the Amazon Linux AMI 2016.09. As part of this update, you can now use Nginx 1.10 and PostgreSQL 9.5 with your Elastic Beanstalk environments. Python 3.5 support is coming soon. In addition, the Elastic Beanstalk Node.js platform has been updated to v3.1.0 and will now default to Node v6.X. Learn more about the new AMI here.

Auto Recovery is an Amazon EC2 feature that is designed to increase instance availability. Auto Recovery for Amazon EC2 is now available in the AWS GovCloud (US) Region. You can automatically recover supported instances when a system impairment is detected. Auto Recovery keeps your existing instance running and automatically recovers your instance on new underlying hardware, if needed, so you do not generally need to migrate to a new instance.

Starting today, customers using AWS Directory Service for Microsoft Active Directory (Enterprise Edition), also called Microsoft AD, now have the added permissions to install and use Microsoft Network Policy Server (NPS). The new permissions grant you the rights required to register NPS in the RAS and IAS Servers security group. Once NPS is installed and registered, you can use it to enforce network access policies for client health, network connection authentication, and network access authorization by using account information stored in Microsoft AD.

Amazon WorkMail now supports email redirection to external email addresses. You can setup email redirection rules on your desktop email application, such as Microsoft Outlook, or using the Amazon WorkMail web application. To take advantage of this feature, you will need to update Amazon Simple Email Service (Amazon SES) identity policies using the AWS Management Console for any domains that exist in your Amazon WorkMail organization. Please visit this page for more information on how to update the Amazon SES identity policy for your domain. You do not need to take any action for any new domains that you add to your Amazon WorkMail organization.

Today, AWS Marketplace released Self-Service Listings, a new, web-based interface that lets AWS Marketplace software vendors manage their product listings within the AWS Marketplace Management Portal (AMMP). Starting today, software vendors that wish to list their products for sale on AWS Marketplace can log in to AMMP to view their existing product listings, create a new free listing, create a new Bring-Your-Own-License (BYOL) listing, or track the status of their submitted listing requests. Self-Service Listings offers workflow and collaboration tools that make AWS Marketplace product listings easier to track and manage; vendors can use the new portal to save listings in progress, collaborate internally on product listing creation, view their request history, and more.

Amazon WorkMail now supports interoperability with Microsoft Exchange Server 2010 and 2013. Interoperability allows you to minimize disruption to your users as you migrate mailboxes to Amazon WorkMail, or use Amazon WorkMail for a subset of your corporate mailboxes. With interoperability, you can set up rich co-existence between Amazon WorkMail and Microsoft Exchange Server, which allows you to use the same corporate domain for mailboxes across both environments, and allows your users to seamlessly schedule meetings with bi-directional sharing of calendar free-busy information.

AWS Config is now available in the China (Beijing) region. AWS Config is a fully managed service that gives you an inventory of your AWS resources, notifies you when the configurations of your resources change, and lets you audit the history of the configurations for those resources to enable security and governance.

AWS Server Migration Service (SMS) is an agentless service which makes it easier and faster for you to migrate on-premises workloads to AWS. AWS SMS allows you to automate, schedule, and track incremental replications of live server volumes, making it easier for you to coordinate large-scale server migrations. With the support of incremental replications, you can perform migrations faster while minimizing network bandwidth consumption and reducing server downtime.

Today, we are announcing support for DNS resolution of hostnames where instances have private IP address outside of the RFC 1918 space. With this support now available natively in EC2 DNS, customers do not have to run custom DNS servers if the CIDR range for their VPC is outside of the RFC 1918 range. Previously, private DNS hostname resolution was supported only for RFC-1918 assigned private address ranges (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16).

You can now use the redesigned Amazon WorkDocs web client as the single place to manage, share, and collaborate on documents and files. The updated Amazon WorkDocs web client offers an intuitive user interface, and includes performance enhancements and improvements to navigation designed to make Amazon WorkDocs even easier to use. The redesigned web client is now available to all new and existing Amazon WorkDocs customers.

Amazon WorkSpaces is now available in the EU (Frankfurt) AWS Region. Amazon WorkSpaces is a fully managed, secure desktop computing service which runs on the AWS cloud. Amazon WorkSpaces allows you to provide your users access to the documents, applications, and resources they need from the device of their choice, including Windows and Mac computers, Chromebooks, iPads, Fire tablets, and Android tablets. Amazon WorkSpaces integrates with your existing IT systems, and you can use your corporate Active Directory to provide users with seamless access to company resources. With Amazon WorkSpaces, you pay either monthly or hourly just for the desktops you launch, which helps you save money when compared to traditional desktops and on-premises Virtual Desktop Infrastructure (VDI) solutions.

Starting today, you can take greater control of your AWS costs and resource usage with the new and enhanced features in AWS Budgets. You can now create monthly, quarterly, or annual budgets for your AWS resource usage (e.g., EC2 instance hours) or your AWS costs. In addition to accessing Budgets via the Billing & Cost Management console, you can now use the new Budgets API or command line interface to create, edit, delete, and view up to 20,000 budgets per payer account.

AWS Educate, a program that helps educators and students use real-world cloud technology in the classroom, now offers students cloud learning pathways. These learning tracks are made up of 30+ hours of curriculum across job families like Cloud Architect and Software Developer. The program also offers specialty AWS Educate Badges as add-ons to the pathways, for which students can achieve competency in specializations like IoT, start-up, and gaming.

Amazon EC2 now supports Windows Server 2016 with several new AMIs, providing you with an easy and flexible way to get up and running with the latest version of Windows Server. Windows Server 2016 comes loaded with a variety of new features including Windows containers and support for Docker. The release also features a Nano Server deployment option that boots faster than the Standard Edition and uses a fraction of the disk space. By running Windows Server 2016 on Amazon EC2, you can combine the scale, performance and elasticity of AWS with the powerful new capabilities in this newest version of Windows Server.

You can now record configuration changes to your S3 buckets with AWS Config. The detailed bucket configuration recorded by AWS Config includes the bucket policy, Access Control List (ACL), lifecycle configuration, Cross-Origin Resource Sharing (CORS) configuration and more. Review our documentation to get a full list of bucket attributes recorded by AWS Config. AWS Config provides a complete history of configuration changes for your bucket. With AWS Config, you can dive deep into how your bucket was configured at any point in time. For example, you can use the configuration history provided by AWS Config to determine how your bucket’s policy or ACL changed over time.

AWS is excited to announce immediate availability of the new US East (Ohio) Region. Ohio joins Northern Virginia, Oregon, Northern California, and AWS GovCloud as the fifth AWS Region in North America and as the fourteenth worldwide, bringing the total number of AWS Availability Zones to 38 globally.

You can now create and manage Git repositories hosted by AWS CodeCommit with the Elastic Beanstalk CLI (EB CLI) for your AWS Elastic Beanstalk environments. You can use the CodeCommit repository to store your project code and then deploy it to your Elastic Beanstalk environment. This provides you a convenient and secure place to store and version your Elastic Beanstalk applications.

AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures. AWS Service Catalog allows you to centrally manage commonly deployed IT services, and helps you achieve consistent governance and meet your compliance requirements, while enabling users to quickly deploy only the approved IT services they need.

Starting today, you can launch Amazon EC2 instances with encrypted Amazon Elastic Block Store (EBS) boot volumes in AWS GovCloud (US). This feature simplifies security compliance processes by now providing encryption for both EBS data and boot volumes using the AWS Key Management Service (KMS). It can also help simplify your auditing processes because you now have the ability to ensure all data on EBS is encrypted at rest and in transit. This feature is supported with all EBS volume types.

We are excited to announce that Amazon ElastiCache now supports Redis Cluster with Redis 3.2.4. Redis Cluster allows customers to run Redis workloads with up to 3.5TiB of in-memory capacity, supporting up to 20M reads per second and up to 4.5M writes per second. It also delivers up to 4x faster failover times, and includes Amazon’s enhancements to the Redis engine running on ElastiCache for improved stability and robustness, while maintaining compatibility with open-source Redis. Amazon’s fully managed Redis service is bolstered with updated AWS CloudFormation support, an easier-to-use console experience, and Redis Cluster level backup and restore.

These two new Quick Starts automatically deploy two popular software development tools from Atlassian, Bitbucket Data Center and JIRA Software Data Center, on the AWS Cloud. The Quick Starts were created by AWS solutions architects in partnership with Atlassian, to integrate solutions and services from both companies.

x1.16xlarge instances: You can now launch x1.16xlarge, the newest size of EC2 Memory Optimized instances, featuring 64 vCPUs, 976 GiB of memory, and 1 x 1,920 GB SSD storage. X1 instances are optimized for running in-memory databases like SAP HANA, big data processing engines like Apache Spark or Presto, and high performance computing (HPC) applications. X1 instances are certified by SAP to run production environments of the next-generation Business Suite S/4HANA, Business Suite on HANA (SoH), Business Warehouse on HANA (BW), and Data Mart Solutions on HANA on the AWS cloud. The x1.16xlarge offers half the memory of the x1.32xlarge for workloads that don't require a full 2TB of memory.

We are pleased to announce the launch of Hadoop Distributed File System (HDFS) support for the AWS Import/Export Snowball client. The new HDFS support accelerates the movement of big data workloads. The Snowball client allows end users to import data directly from on premises HDFS clusters to Amazon Simple Storage Service (S3). Big data workloads may now skip intermediary staging and go straight from HDFS to Snowball.

Internet Protocol Version 6 (IPv6) is a new version of the Internet Protocol that uses a larger address space than its predecessor IPv4. With IPv6 support, you will be able to meet the requirements for IPv6 adoption set by governments, remove the need for IPv6 to IPv4 translation software or systems, and benefit from IPv6 extensibility, simplicity in network management, and additional built-in support for security

You can now use aws-serverless-express, an open source Node.js library, to simplify the migration of your Express web applications and REST APIs to a serverless architecture. The library is built using features from Amazon API Gateway that allow you to preserve your API routes in your existing web application frameworks without having to redefine API methods or their integration behavior on API Gateway.

With this launch, administrators and developers can create users in an Amazon Cognito user pool. A user pool is a fully managed user directory that makes it easy to add sign-up and sign-in to your mobile and web apps. Use the new AdminCreateUser API to set up accounts for new users and send them a customized invitation with their user name and a temporary password. You can also use this feature to control membership in a user pool by only allowing administrators to create users or also allowing users to sign themselves up.

You can now allow AWS CloudFormation to assume service roles which determine what CloudFormation is allowed to do with your stack. A service role is an AWS Identity and Access Management (IAM) role which can be assigned permissions that determine which AWS resources CloudFormation can create, update, or delete. For example, you could create a service role that only allows CloudFormation to perform actions with Amazon EC2. Previously, CloudFormation would use the default permissions from the user credentials you used to access CloudFormation. Using service roles with CloudFormation, you can now more easily set granular permissions to CloudFormation for different AWS accounts or IAM users. To get started, you can set a service role when creating, updating, or deleting a stack. You will also need permission to pass the role to CloudFormation. Learn more about this feature in the documentation.

Amazon CloudWatch announces the availability of an open source collectd output plugin to simplify sending custom metrics to CloudWatch. collectd is a popular, open-source daemon that gathers system statistics for a wide variety of applications. The CloudWatch collectd plugin can be used on both AWS and non-AWS environments to gather host and application metrics such as memory and disk usage for a variety of applications such as Apache, NXGINX, MySQL, etc. The metrics gathered by collectd will be published as custom metrics to CloudWatch. These collectd metrics can then be used to set up alarms for triggering notification and auto-scaling actions or saved to dashboards for quick viewing in CloudWatch.

You can now use Network Address Translation (NAT) Gateway in the South America (São Paulo) region. NAT Gateway is a highly available AWS managed service that makes it easy to connect to the Internet from instances within a private subnet in an AWS Virtual Private Cloud (VPC). Previously, you needed to launch a NAT instance to enable NAT for instances in a private subnet.

We are pleased to announce that you can now use the AWS Schema Conversion Tool to copy your existing database schema from a legacy database to a new database on EC2 or RDS for homogeneous replications. The conversion engine has also been enhanced to offer even more automated conversions should you wish to switch from a commercial database to a cloud-native, open-source solution.

Amazon Elastic Transcoder lets you convert source media files into formats that will playback on devices like smartphones, tablets and PCs. It manages all aspects of the media transcoding process for you transparently and automatically. There’s no need to administer software, scale hardware, tune performance, or otherwise manage transcoding infrastructure. You simply create a transcoding “job” specifying the location of your source media file and how you want it transcoded. Amazon Elastic Transcoder also provides transcoding presets for popular output formats, which means that you don’t need to guess about which settings work best on particular devices. All these features are available via service API, AWS SDKs and the AWS Management Console.

You can now use time zones as part of time stamps in Amazon Redshift. The new TIMESTAMPTZ data type allows you to input timestamp values that include a time zone. Amazon Redshift automatically converts timestamps to Coordinated Universal Time (UTC) and stores the UTC values. Also, the COPY command now recognizes timestamp values with time zones in the source data and automatically converts them to UTC. You can retrieve and display timestamps in Amazon Redshift by setting your preferred time zone at the session level, user level or client connection level.

We are excited to announce the availability of P2 instances, a new instance type designed for compute-intensive applications that require high-performance GPU coprocessors and massive parallel floating point performance. P2 instances are ideal for deep learning, computational fluid dynamics, computational finance, seismic analysis, molecular modeling, genomics, and rendering workloads. For graphics workloads requiring DirectX and OpenGL, you can continue to use G2 instances.

Amazon Game Studios announced their new game, Breakaway, at TwitchCon this year. Breakaway is a mythological sport brawler built for fast action, teamwork, and live streaming. AGS also announced new upcoming features that are built for Twitch: Stream+, Twitch Metastream, Broadcaster Match Builder and Broadcaster Spotlight.

Standard Reserved Instances (“RIs”) have been available for 8 years, and provide customers the option to commit to use a specific instance size in an instance family in an availability zone (“AZ”) for either one or three years in exchange for our largest discount off On-Demand prices (~40-60% on average).

We are excited to announce the availability of the m4.16xlarge, the largest instance size in the latest generation of EC2 General Purpose instances, featuring 64 vCPUs and 256 GiB of memory. The m4.16xlarge offers a balance of compute, memory, and network resources, and is a good choice for many applications including databases, data processing tasks, cluster computing, and web servers that require high computational horsepower or memory size.

We are excited to announce two new edge locations in Frankfurt, Germany for Amazon CloudFront. Frankfurt city now have five edge locations which brings the total number of worldwide edge locations to 63.

Amazon Web Services has open-sourced the emr-dynamodb-connector, which enables Apache Hive and Apache Spark on Amazon EMR to access data in Amazon DynamoDB. You can process data directly in Amazon DynamoDB using these applications, or join tables in Amazon DynamoDB with external tables in Amazon S3, Amazon RDS, or other data stores that can be accessed by Amazon EMR. The connector is still included for use on each node in your Amazon EMR cluster. To learn more or contribute to the project, visit the emr-dynamodb-connector GitHub page.

We are excited to announce the release of Amazon Lumberyard Beta 1.5, which includes 210 new improvements, fixes and features to Amazon’s free, AAA game engine deeply integrated with AWS and Twitch. Lumberyard Beta 1.5 introduces an Asset Builder SDK, so game developers can track, reload, automatically rebuild, and process any asset formats their game requires. Additionally, Lumberyard Beta 1.5 adds support for OSVR virtual reality devices, new component entities so developers can build gameplay with less engineering support, distance-based particle effects optimization, and more. Read about the update in the GameDev Blog and the Lumberyard Beta 1.5 release notes.

Enterprise Support customers now have access to a Well-Architected Review for business critical workloads. This review, delivered by an AWS Solutions Architect, provides guidance and best practices to help you design reliable, secure, efficient, and cost-effective systems in the cloud.

This automated deployment was created by AWS solutions architects from the Quick Start reference team to help you add Linux bastion functionality to your AWS Cloud environment swiftly and easily, in about 5 minutes.

You can now send email directly from your RDS for Oracle databases by using the UTL_Mail package. To enable UTL_Mail for your DB instance, you need to create a new option group, or copy or modify an existing option group and add the option Oracle UTL_MAIL to it. You then need to associate this option group to your DB instance either by selecting the option while creating a new instance or while modifying an existing instance. Right now, we only support single attachments up to 32KB in size and only ASCII and EBCDIC character encodings. Amazon RDS supports UTL_Mail for the Oracle version 12.1.0.2.v5 and later, 12.1.0.1.v6 and later and 11.2.0.4.v9 and later. These versions include the July 2016 Oracle Patch Set Updates (PSU).

Amazon API Gateway now supports three new features that make it easy to integrate APIs with AWS Lambda and HTTP endpoints. Previously, you needed to define each method and its integration behavior in API Gateway in order to integrate with backend endpoints. Now, you can route all traffic to a specific backend endpoint without having to apply any request or response mappings and transformations.

You can now easily setup your AWS Lambda Lambda function with catch-all endpoints, which can respond to any method or resource using the catch-all methods/resources and pass-through mappings from Amazon API Gateway. Learn more here.

You can now monitor, alarm and receive notifications on the operational performance and usage of Amazon Elastic Transcoder using Amazon CloudWatch. Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS. Amazon Elastic Transcoder now automatically publishes nine operational metrics into Amazon CloudWatch, giving you more visibility into the overall health of your transcoding workflow and the ability to invoke an action if the metric you are tracking crosses a certain threshold for a defined period of time. You can monitor metrics such as jobs completed, jobs that errored out, output minutes generated, standby time, and errors and throttles on various API calls.

AWS CloudHSM provides dedicated Hardware Security Module (HSM) appliances within the AWS cloud, helping you meet corporate, contractual and regulatory compliance requirements for data security. CloudHSM is designed to enable you to maintain complete control over the use of encryption keys stored on CloudHSM appliances.

AWS CloudTrail now records launch and termination events for Amazon EC2 Spot Instances. If you already have AWS CloudTrail logging enabled, no further action is necessary. These events will begin to appear in your existing trails in each region over the next few days, so that you can perform security analysis, change tracking, and compliance auditing of your Spot instance usage.

We are excited to announce a new edge location in Mumbai, India (Asia-Pacific) for Amazon CloudFront. This is the second edge location for Mumbai and brings the total number of worldwide edge locations to 61.

You can now create YAML-formatted templates to describe your AWS resources and properties in AWS CloudFormation. Now, you have the option to use either YAML-formatted templates or JSON-formatted templates to model and describe your AWS infrastructure. YAML-formatted CloudFormation templates follow the same anatomy as existing JSON-formatted templates and support all the same features.

AWS Cost Explorer is a tool that helps you to visualize, understand, and manage your AWS spending. You can view your spend by service or by linked account, with your choice of daily or monthly granularity. You can also create custom filters based on the accounts, time period, services, or tags that are of particular interest to you.

Amazon Kinesis Agent is a pre-built Java application that offers an easy way to collect and ingest data into Amazon Kinesis services. The agent monitors log files you specify and continuously sends new data to Amazon Kinesis Streams and Amazon Kinesis Firehose.

Today, we are launching Earth on AWS, a new landing page that highlights large geospatial datasets made openly available in the cloud as AWS Public Datasets as well as resources to learn how to build planetary-scale applications in the cloud with open geospatial data. In addition to previously launched, Landsat, NEXRAD, and SpaceNet datasets, new datasets made up of high resolution aerial imagery, global event information, and global elevation data are now available. We are also opening a call for proposals from researchers to receive promotional Cloud Credits for Research to work with Earth observation data on AWS. Learn more at https://aws.amazon.com/earth.

You can now use Amazon Redshift’s Enhanced VPC Routing to force all of your COPY and UNLOAD traffic to go through your Amazon Virtual Private Cloud (VPC). Enhanced VPC Routing supports the use of standard VPC features such as VPC Endpoints, security groups, network ACLs, managed NAT and internet gateways, enabling you to tightly manage the flow of data between your Amazon Redshift cluster and all of your data sources. In particular, when your Amazon Redshift cluster is on a private subnet and you enable Enhanced VPC Routing, all the COPY and UNLOAD traffic between your cluster and Amazon S3 will be restricted to your VPC. You can also add a policy to your VPC endpoint to restrict unloading data only to a specific S3 bucket in your account, and monitor all COPY and UNLOAD traffic using VPC flow logs.

You can now monitor and automatically react to changes in your AWS CodeDeploy deployments using Amazon CloudWatch alarms. Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS. Using CloudWatch with CodeDeploy, you can monitor metrics for Amazon EC2 instances or Auto Scaling groups being managed by CodeDeploy and then invoke an action if the metric you are tracking crosses a certain threshold for a defined period of time. You can monitor metrics such as instance CPU utilization. If the alarm is activated, CloudWatch initiates actions such as sending a notification to Amazon Simple Notification Service, stopping a CodeDeploy deployment, or changing the state of an instance (e.g. reboot, terminate, recover).

Starting today, you can set access-level policies on AWS Service Catalog post-launch actions. Previously, users would have access either to any provisioned product in the account or only to those which they themselves launched. Now, you can customize the access level for each action, with support for user, role, and account levels. This feature allows users to be granted access to view, update, terminate, and manage provisioned products created under their role or the account to which they are logged in. For more information about policies for these actions, see the AWS Service Catalog documentation including the example policies.

Enterprise Support customers will now have access to self-paced training labs provided through an AWS training partner. These labs provide a hands-on learning environment based on real-world scenarios.

You can now view visual representations of the commits made to your AWS CodeCommit repositories. The Commit Visualizer is a graphical view which helps you see the sequence of commits to a branch, the relationship between parent and child commits, and merges into the branch. You can filter by branch or re-render the graph by a specific commit. You can click each commit to view details such as commit ID, parent ID(s), date, committer name, and commit message.

AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. AWS IoT can support billions of devices and trillions of messages, and can process and route those messages to AWS endpoints and to other devices reliably and securely. With AWS IoT, your applications can keep track of and communicate with all your devices, all the time, even when they aren’t connected.

Starting today, you can take advantage of several enhancements to Amazon RDS for PostgreSQL. These include new minor versions (9.3.14, 9.4.9 and 9.5.4), support for logical replication, event triggers, and the ability to use RDS for PostgreSQL as a source for AWS Database Migration Service.

Amazon EC2 Container Service (Amazon ECS) now supports container logging to Amazon CloudWatch Logs. You can use Amazon CloudWatch to monitor and troubleshoot your applications that run in containers. You can send each container’s log output to CloudWatch Logs and monitor these logs in near real-time.

You can now monitor and automatically react to changes in your AWS CodeDeploy deployments using Amazon CloudWatch Events. This lets you detect changes in the state of an Amazon EC2 instance or deployment managed by CodeDeploy, and then invoke an action based on rules that you set. This is useful for building workflows and processes that are triggered by changes in your deployments.

You can now use the Oracle Label Security (OLS) option to control access to individual table rows in your Amazon RDS DB instances running Oracle 12c. With the Oracle Label Security option, you can enforce regulatory compliance with a policy-based administration model, and ensure that an access to sensitive data is restricted to only users with the appropriate clearance level.

You can now connect to all the read replicas on your Amazon Aurora cluster through a single reader end point. Until now, you could use the cluster end point to connect to the primary instance in the cluster or instance end points to direct queries to specific instances on your Aurora cluster.

You can now view details and information about code changes flowing through your software release pipeline in AWS CodePipeline. This provides you more context about changes that have been committed to your source repository and are running through your pipeline. Viewing this information can be useful when reviewing manual approval actions or troubleshooting failures in your pipeline actions.

You can now more easily integrate cloud-based, mobile backend features (e.g. user identity, NoSQL database, push notifications, and mobile analytics) with your existing mobile apps in a few steps using AWS Mobile Hub. This makes it easier for you to start leveraging mobile backend features powered by AWS services in your existing mobile apps.

We are pleased to announce that you can now enable HTTP/2 for your Amazon CloudFront distributions to improve the performance of your web content delivered to clients that support the new HTTP/2 protocol.

After almost a year of developer feedback and contributions, version 1.0 of the AWS SDK for C++ is now available and recommended for production use. New features include an improved S3 Transfer Manager, cross platform encryption, simplified build and configuration and NuGet support for Windows customers.

AWS Config continuously records configuration changes to resources in your AWS account and provides you a history of how your resources were configured in the past. On the Config timeline for resources recorded by AWS Config, you can now view associated API events tracked by AWS CloudTrail. The API events contain relevant details such as the name of the API, user identity of the caller, and the time at which the API call was made. You can use this information to correlate the API calls that may have resulted in the configuration changes recorded by AWS Config.

AWS Identity and Access Management (IAM) service last accessed data is now available for the newly launched Asia Pacific (Mumbai) Region. Service last accessed data helps you identify overly permissive policies attached to an IAM entity (a user, group, or role). With this release, you can view the date when an IAM entity last accessed an AWS service in this region.

Today, we added a tool for bulk importing your user identities into Your User Pools in Amazon Cognito. This tool makes it easy for developers to migrate their existing users from their existing identity provider to an Amazon Cognito user pool. User attribute values are imported with a .csv file, which can be uploaded through the console, our APIs, or CLI. When imported users first sign in, they confirm their account and create a new password with a code sent to their email address or phone. There is no additional cost for using the import tool. To learn more, see our import tool documentation.

You can now use the Oracle Enterprise Manager (OEM) Cloud Control to manage multiple Amazon RDS for Oracle database instances. The OEM Cloud Control offers a solution that allows you to monitor and manage the complete Oracle IT infrastructure from a single console. Amazon RDS for Oracle installs the Oracle Management Agent (OMA) which communicates with your Oracle Management Service (OMS) to provide monitoring information.

We are pleased to announce that you can now configure Amazon CloudFront to use only a specific set of HTTP query parameters to be used as the cache key, while still forwarding all the parameters to the origin through a feature called Query String Whitelisting.

We’ve redesigned the AWS Storage Gateway console making it easier to configure, manage, and monitor all your gateways, volumes, and virtual tapes. The simplified interface provides filterable views, and direct links to integrated services such as Amazon CloudWatch and Amazon EBS. The new console enables you to do tasks faster and with fewer clicks.

Amazon CloudWatch announces usability improvements to the CloudWatch Logs Console. The Logs Console now gives customers the ability to share the state of their log sessions with their teams to facilitate collaboration when troubleshooting issues. Sharing is done via human readable URLs that include timestamp and search parameters. In addition, customers can narrow down their log search to specific time frames with just one click. The Logs Console now supports infinite scrolling, allowing customers to navigate large volumes of log data without pagination. It also improves readability of log data through additional display formatting options.

To learn more about these usability improvements click here. To know more about CloudWatch Logs, visit the CloudWatch Logs product page.

As of today, high-resolution satellite imagery from the SpaceNet corpus is available as an AWS Public Data Set. The SpaceNet corpus includes approximately 1,900 square kilometers full-resolution 50cm imagery collected from DigitalGlobe’s WorldView-2 commercial satellite and includes 8-band multispectral data. The dataset also includes 220,594 building footprints derived from this imagery which can be used as training data for machine learning. The first Area of Interest (AOI) to released is of Rio De Janeiro, Brazil, and more AOIs will be made available in the future.

AWS Elastic Beanstalk now supports Application Load Balancer for the Elastic Load Balancing service. You can now choose between Application Load Balancer and Classic Load Balancer when creating environments in Elastic Beanstalk. Use Application Load Balancer to deploy applications to Elastic Beanstalk that use the WebSocket protocol or HTTP/2.

AWS Elastic Beanstalk now supports ASP.NET Core. You can now deploy applications using ASP.NET Core on Elastic Beanstalk with the AWS Management Console, the EB CLI, and the AWS Toolkit for Visual Studio. You use a deployment manifest to configure deployments for .NET Core applications to Elastic Beanstalk.

Today, we are excited to announce hourly pricing for Amazon WorkSpaces, providing you the flexibility to pay for your desktops either monthly or hourly. Hourly pricing can help you save money on your AWS bill when your users only need part-time access to their Amazon WorkSpaces. With hourly billing you pay a small fixed monthly fee per Amazon WorkSpace to cover infrastructure costs and storage, and a low hourly rate for each hour your Amazon WorkSpaces are running and available for use, or undergoing maintenance. When your Amazon WorkSpaces are not being used, they automatically stop after a specified period of inactivity, and hourly charges are suspended.

AWS Config Rules enables you to define guidelines for provisioning and configuring AWS resources and then continuously monitor the configuration of resources recorded by AWS Config. You receive notifications when resources do not comply with these guidelines and get access to a dashboard of rules. You can use the dashboard to track overall compliance status of your AWS account and to navigate specific resource configuration changes that led to noncompliance.

Three new checks have been added to Trusted Advisor that will identify and provide recommendations on your Direct Connect settings that can help you ensure redundancy in the event of device or location loss of connectivity.

You can save up to 70% compared to the cost of using Amazon EC2 Dedicated Hosts On-Demand by purchasing Dedicated Host Reservations, and now you can purchase Dedicated Host Reservations within the AWS Management console or using the AWS CLI.

AWS OpsWorks is now available in the Asia Pacific (Seoul) region. Additionally, you can now access OpsWorks using new regional endpoints in the following regions: EU (Frankfurt), EU (Ireland), US West (N. California), US West (Oregon), South America (São Paolo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), and Asia Pacific (Tokyo).

Amazon EC2 Container Registry (ECR) is now available is now available in five additional regions: US West (N. California), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), and EU (Frankfurt).

We're pleased to announce the general availability release of the aws-record Ruby Gem. aws-record is a data mapping abstraction for Amazon DynamoDB, built on top of the AWS SDK for Ruby version 2. It provides helpful features for developing Ruby applications using DynamoDB, including:

We are pleased to announce the launch of a new Application Load Balancer for the Elastic Load Balancing service designed to improve flexibility and performance of real-time applications, microservices, container-based architectures, and streaming applications. This new load balancer, which also supports the WebSocket protocol and HTTP/2, operates at the application layer and provides content-based routing support. This allows the Application Load Balancer to route requests across multiple services or containers running on one or more Amazon Elastic Compute Cloud (Amazon EC2) instances, helping to reduce costs and simplify service discovery.

Amazon S3 now supports the IPv6 protocol, so applications can connect to Amazon S3 for object storage over IPv6. You can meet IPv6 compliance requirements, more easily integrate with existing IPv6-based on-premises applications, and remove the need for expensive networking equipment to handle the address translation between IPv4 and IPv6. You can also now utilize the existing source address filtering features in IAM policies and bucket policies with IPv6 addresses, expanding your options to secure applications interacting with Amazon S3.

AWS Key Management Service (KMS) is a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data. Starting today, you can import keys from your key management infrastructure into KMS, and use your imported keys in all KMS-integrated AWS services and custom applications. This feature gives you greater control over the generation, lifecycle management, and durability of your keys. Import Key could also help you meet your compliance requirements to generate and store copies of keys outside of your cloud provider.

We are excited to announce general availability of Amazon Kinesis Analytics, a fully managed service for continuously querying streaming data using standard SQL. With Kinesis Analytics, you can write standard SQL queries on streaming data and gain actionable insights in real-time, without having to learn any new programming skills.

Amazon API Gateway now supports API usage plans. You can now easily define plans for third-party developers by associating them with individual API keys. This allows you to configure which APIs the caller can access as well as define throttling and request quota limits. You can also extract utilization data on a per API key basis to analyze API usage and generate billing documents. Usage plans allows you to easily manage and monetize your APIs for your API-based business. Read our documentation to learn more.

We are pleased to announce that you can now add cost allocation tags to your Amazon CloudFront distributions. Tags make it easier for you to allocate costs and optimize spending by categorizing and grouping AWS resources. For example, you can use tags to group resources by administrator, application name, cost center, or a specific project.

We are pleased to announce the launch of our newest edge locations in Toronto and Montreal, our first edge locations in Canada. Adding locations in Canada has been frequently requested by our customers so we are excited to add these two locations to our global network. If you’re already using Amazon CloudFront, you don't need to do anything to your applications as requests are automatically routed to these locations when appropriate.

We are excited to announce the release of Amazon Lumberyard Beta 1.4, which includes 230 new improvements, fixes and features. Lumberyard Beta 1.4 introduces an integrated Lua editor and debugger, network encryption and profiling for more control when building multiplayer games. Read about the update in the GameDev Blog and the Lumberyard Beta 1.4 release notes.

You can now run Oracle Standard Edition Two as a License Included offering on Amazon RDS and can also upgrade existing Standard Edition (SE) and Standard Edition One (SE1) instances in database version 12.1.0.1 to Standard Edition Two (SE2) using either the AWS Management Console or API.

Amazon GameLift is a fully managed service that makes it simple and cost-effective to deploy, operate, and scale session-based multi-player game servers in the cloud. GameLift has added two new features and made several improvements to the service. Game developers can now use the new game session search & sort feature to populate session browsers with active game sessions that better match player preferences. Developers building game servers can now implement custom health checks for game server processes and report health status, which GameLift uses to track and maintain overall health for a fleet. In addition, with the release of the new Server SDK, GameLift now fully supports the ability to run multiple server processes concurrently on each instance in a fleet, giving you greater control over how efficiently you use GameLift resources and potentially reducing overall costs for hosting your game.

You can now easily change the Amazon Virtual Private Cloud (Amazon VPC) used by your Amazon RDS DB instance. You can specify a new VPC for an existing DB instance deployed in Single-AZ configuration by using the Amazon RDS Management Console, the Amazon RDS API, or the AWS Command Line Tools. In addition, if you are running your DB instance on the EC2-Classic environment, you can switch to the EC2-VPC environment by modifying your existing DB instance. If your AWS account was created before 2013-12-04, you are potentially running RDS on the EC2-Classic environment.

AWS Database Migration Service is now available to customers in the AWS Asia Pacific Seoul and Mumbai regions, as well as the South America region in São Paulo. AWS Database Migration Service helps you migrate databases to AWS easily and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database.

Today we are adding three new features to Amazon Aurora aimed at making Aurora even more performant on a wide range of workloads commonly run by AWS customers. Amazon Aurora is a MySQL-compatible relational database engine that combines the speed and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases.

These new features include Parallel Read Ahead, Faster Indexing, and NUMA Awareness. Using Parallel Read Ahead, Aurora performs a parallel pre-fetch of additional relevant pages during a table scan, taking advantage of the replicated storage architecture. This results in range selects, full table scans, the ‘Alter Table’ operation, and index generation performing 5x faster than before. Faster Indexing makes adding indexes and rebuilding tables up to 4x faster. NUMA-Aware scheduling makes CPU-bound operations that make heavy use of the query cache and the buffer cache now run up to 10% faster in large DB instances like db.r3.8xlarge.

You can take advantage of all these new features today by upgrading your instance to version 1.7 of Amazon Aurora from th AWS Management Console. Read more about these new features in the AWS Blog. To learn more about Amazon Aurora please visit our product page.

AWS IoT now supports Just-in-time registration (JITR) of device certificates. This functionality expands on the "Use Your Own Certificate" feature launched earlier this year by simplifying the process of enrolling devices with AWS IoT. Prior to support for JITR, the device enrollment process required two steps: first, registering the Certificate Authority (CA) certificate to AWS IoT, then individually registering the device certificates that were signed by the CA. Now, with JITR you can complete the second step by auto-registering device certificates when devices connect to AWS IoT for the first time. This saves time spent on registering device certificates and allows devices to remain off-line during the manufacturing process.

Amazon Mobile Analytics Auto Export to Amazon S3 accumulates and exports events sent to the Amazon Mobile Analytics service from your mobile and web applications into your own Amazon S3 bucket, typically in under one hour from when we receive the event. This allows you to access the full data being recorded by your application to perform additional detailed analysis in addition to the analytics automatically produced in the Amazon Mobile Analytics console, such as Daily Active Users (DAU), Monthly Active Users (MAU), Average Revenue per Daily Active User and other out-of-the-box and custom metrics.

Amazon ElastiCache now supports M4 node types. M4 nodes provide a balance of compute, memory, and network resources. They come in 5 sizes, ranging from 6.42 GB to 154.64 GB of memory, and have superior performance and lower prices than M3 node types. You can purchase M4 node types as On Demand or as Reserved Cache Nodes.

You can now access information on how long it took to create a datasource, model, evaluations, or batch predictions, in the Amazon Machine Learning (Amazon ML) console, the API, and in the AWS SDKs. Using this information, you can estimate how long it would take to create similar objects. Knowing the compute time, you can then estimate the cost of datasource creation, model training, or model evaluation based on similar objects created in the past. For regularly retrained models, you can use this information to detect problems in the retraining pipeline before they are deployed to production. This information is found on the summary page in the console for each object, or returned through the API or SDK as an additional value.

AWS Identity and Access Management (IAM) supports identity federation, which enables external identities, such as users in your corporate directory, to sign in to the AWS Management Console via single sign-on (SSO). Now with a small configuration change, your AWS administrators can allow your federated users to work in the AWS Management Console for up to 12 hours, instead of having to reauthenticate every 60 minutes. In addition, administrators can now revoke active federated user sessions.

AWS Directory Service for Microsoft Active Directory (Enterprise Edition), also referred to as Microsoft AD, now supports routing to your on-premises DNS servers, conditional forwarders and hosts that use public Internet Protocol (IP) addresses. Through the link to your VPC, you can now create trusts and domain join hosts with on-premises computers that have public IP addresses. This provides you more flexibility in how you integrate Microsoft AD with your on-premises environment.

This feature makes it easy for developers to add user sign-up, sign-in, and enhanced security functionality to their mobile and web apps. With User Pools, you get a simple, fully managed service for creating and maintaining your own user directory that can scale to hundreds of millions of users. You benefit from the security and privacy best practices of AWS, and retain full control of your user data. This feature is now available in the following AWS Regions: US East (N. Virginia), US West (Oregon), Asia Pacific (Tokyo), and EU (Ireland).

Today, we are announcing DNS resolution support for a Virtual Private Cloud (VPC) peering connection. You can now enable resolution of public DNS hostnames to private IP addresses when queried from the peered VPC. This functionality is also supported cross-account so the two VPCs can be in different accounts. This feature simplifies DNS setup for VPC peering connections.

You can now view the commit history of an AWS CodeCommit repository from the CodeCommit console. This helps you more easily understand the changes made to a repository, who made the changes, and when the changes were made.

Today, we are enhancing the AWS Application Discovery Service to collect information about on-premises VMware environments without requiring on-host agent installation, making it easier and faster for enterprises to assess their environment.

Amazon Elasticsearch Service now supports Elasticsearch version 2.3. Amazon Elasticsearch Service makes it easy to run Elasticsearch, which is a popular tool for real-time analytics use cases such as log analytics and application monitoring. Elasticsearch 2.3 offers many new features, including support for pipeline aggregations, improved geo-point fields, and support for data compression. Elasticsearch version 2.3 also offers many benefits over version 1.5, including improved performance, memory management and resiliency, and security enhancements. Starting today, customers can choose between Elasticsearch version 1.5 or 2.3 when creating an Amazon Elasticsearch Service domain.

Amazon RDS for SQL Server now supports SQL Server Native Backup/Restore using Amazon Simple Storage Service (S3). You can now take database level backups as SQL Server backup files (.bak) and store them in your Amazon S3 bucket. SQL Server full backups are commonly used to migrate or move databases among different SQL Server instances, whether in the cloud or on-premises, for data ingestion, disaster recovery and other backup purposes. You can export a full backup of your on-premises database, store it in S3 and then use the custom stored procedures offered by RDS to restore that backup to an existing RDS instance. You will also be able to backup an RDS database into S3 and restore the backup file later onto an on-premises or RDS database. Storing and transferring backup files into and out of AWS through S3 affords customers an added layer of protection for disaster recovery and gives customers a peace of mind that their data can be moved around easily. On RDS, you can encrypt your backup files across SQL Server Express, Web, Standard and Enterprise Editions.

A new pricing model for our Developer Support plan has been launched, reducing the entry cost from $49 per month to $29 per month, while providing the same level of customer service and support. As of July 26th, 2016 all new AWS accounts subscribing to Developer Support will receive the new pricing, set at the greater of $29 or 3% of monthly AWS spend.

Amazon Machine Learning (Amazon ML) now publishes your CloudWatch metrics in the Amazon ML console, making it even easier to use and access these graphs. Currently, Amazon ML publishes metrics to CloudWatch, enabling you to monitor the performance of your models in production. As part of the ML model report, you can view recent CloudWatch metrics related to the model. Now with a single click from the Amazon ML console, you can directly to go the view of metrics for that model in CloudWatch to get further detail.

AWS IoT now supports Thing Types in the Thing Registry. Thing Types allow you to effectively manage your catalogue of devices by defining common characteristics for devices that belong to the same device category. In addition, a Thing associated with a Thing Type can now have up to 50 attributes including 3 searchable attributes.

To learn more about the Thing Registry and Thing Types visit the AWS IoT site or AWS developer documentation.

We are pleased to announce the expansion of the Snowball service to EU (Frankfurt) region. With this launch, AWS Import/Export Snowball is now available in the eight regions: US East (N. Virginia), US West (Oregon), US West (N. California), EU (Ireland), EU (Frankfurt), Asia Pacific (India), Asia Pacific (Sydney) and AWS GovCloud (US).

AWS Config is a fully managed service that continuously records configurations changes to your resources in AWS and notifies you when your resources change. With AWS Config Rules, you can define guidelines for provisioning and configuring AWS resources and then continuously monitor compliance with those guidelines.

In October 2015, we announced that you can bring your existing Windows 7 Desktop licenses to Amazon WorkSpaces, a program we call Bring Your Own License (BYOL). Today we are pleased to announce that we are adding Windows 10 Desktop licenses to the BYOL program, allowing you to use the Windows 10 Desktop operating system on your Amazon WorkSpaces running on hardware that is dedicated to you. Just like when you bring your own Windows 7 Desktop licenses, this option entitles you to a discount of $4 per month per WorkSpace, and also allows you to use a single Windows 10 Desktop golden image on-premises and for your Amazon WorkSpaces.

To take advantage of this option, your organization must meet the licensing requirements set by Microsoft, and you must commit to running at least 200 WorkSpaces in a given AWS region each month.

Amazon EC2 Run Command is now available in China (Beijing) and Asia Pacific (Seoul) regions. AWS customers in these regions can now automate administrative tasks such as executing Linux Shell scripts and commands, running Windows PowerShell commands, installing software or patches, and more across instances. Furthermore, customers can now perform these tasks on instances or virtual machines across any location, enabling hybrid cloud and cross cloud management.

Amazon EC2 Run Command now supports event-driven notifications. You can now monitor the status of your commands either at fleet or instance level, and receive real-time updates. These notifications are supported by Amazon EC2 Run Command or through AWS CloudWatch Events.

AWS Config continuously records configurations changes to resources in your AWS account and notifies you of these changes through Amazon Simple Notification Service (SNS). Config rules check these resources for compliance with desired configurations you specify.

We’ve made four of our most popular Technical Bootcamps from AWS re:Invent and Summits part of our broader AWS Training portfolio so you can attend a class convenient to you.

Taking AWS Operations to Next Level teaches you how to leverage AWS CloudFormation, Chef, and AWS SDKs to automate provisioning and configuration of AWS infrastructure resources and applications. We also cover how to work with AWS Service Catalog. This course is designed for solutions architects and SysOps administrators.

Securing Next-Gen Applications at Cloud Scale teaches you how to use a DevSecOps approach to design and build robust security controls at cloud scale for next-generation workloads. We cover design considerations of operating high-assurance workloads on the AWS platform. Labs teach you governance, configuration management, trust-decision automation, audit artifact generation, and native integration of tasks into custom software workloads. This course is for security engineers, developers, solutions architects, and other technical security practitioners.

Running Container-Enabled Microservices on AWS teaches you how to manage and scale container-enabled applications by using Amazon ECS. Labs teach you to use Amazon ECS to handle long-running services, build and deploy container images, link services together, and scale capacity to meet demand. This course is for developers, solutions architects, and system administrators.

Building a Recommendation Engine on AWS teaches you to build a real-time analytics and geospatial search application using Amazon ES, Amazon DynamoDB, DynamoDB Streams, Amazon API Gateway, AWS Lambda, and Amazon S3. We discuss a real-world location-aware social application that displays information generated from a model created with Amazon Machine Learning. We also cover best practices for processing and analyzing data, such as the lambda data processing pattern and automating development process, using Swagger, Grunt, and the AWS SDK. This course is for developers, solutions architects, and data scientists.

You now have the ability to quickly and easily delete multiple objects through the Amazon Machine Learning (Amazon ML) console. Interactively select and/or deselect multiple objects, either individually or in bulk, to delete these objects via the Amazon ML console. For instance, once a model is trained to meet your business requirements, you can search, select, and delete the datasources, models, and evaluations produced during the iterative process of model development.

For more information on using this new feature to select and delete multiple objects through the console, visit the Amazon ML documentation.

Starting today you can create a new Amazon Aurora database from an existing MySQL backup. This can be done by creating a backup of your MySQL database using the Percona XtraBackup tool and uploading the file(s) to an Amazon S3 bucket. You can then create a new Aurora cluster from the backup file(s) in Amazon S3, directly through the RDS console.

AWS Device Farm Remote Access is now generally available. Gesture, swipe, and interact with mobile devices in real time, directly from your web browser. You can use AWS Device Farm Remote Access for manual tasks like debugging new functionality, running manual tests, and reproducing customer issues. Note: New device types will be coming on-line on a daily basis. We use market data and customer feedback to continuously update the fleet.

You can now use Amazon Elastic Transcoder to create WAV outputs with PCM audio. The WAV format primarily stores raw and uncompressed audio and is ideal for use in editing workflows and for archival. You can try out this format by using the newly available system presets.

AWS Mobile Hub now allows you to set the AWS region where you would like your project’s AWS resources to be provisioned. These include – US East (N Virginia), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo) and Asia Pacific (Sydney). Simply login to the AWS Mobile Hub console, create a new project and set the region you would like your resources for that project to be created in. Mobile Hub then uses this setting to provision AWS resources as you enable features like Cloud Logic, NoSQL database and User Data Storage in that region. Additionally, if a particular AWS service needed by a feature is not available in a region that you have provisioned, Mobile Hub will provision services in the nearest region where that AWS service is available.

We are pleased to announce that AWS Schema Conversion Tool now supports conversions from Oracle Data Warehouse and Teradata to Amazon Redshift. SCT actively analyzes the application and custom database code in the source data warehouse platform in order to provide optimized DDL statements with appropriate sort and distribution keys for Amazon Redshift.

AWS Database Migration Service now supports continuous data replication. Customers have the option of enabling Multi-AZ which provides a replication stream that is fault tolerant through redundant replication servers. Continuous replication, when combined with DMS’ ability to migrate data between database engines, results in an exponential growth of potential use cases.

We are pleased to announce that you can now add cost allocation tags to your AWS Directory Service directories. Tags make it easier for you to allocate costs and optimize spending by categorizing and grouping AWS resources. For example, you can use tags to group resources by administrator, application name, cost center, or a specific project.

We are happy to announce the availability of the Amazon Web Services PCI DSS 3.2 Compliance Package for the 2016/2017 cycle. AWS is the first cloud service provider (CSP) to successfully complete the assessment against the&nbsp;newly released&nbsp;PCI Data Security Standard (PCI DSS) version 3.2, 18 months in advance of the mandatory February 1, 2018, deadline.

AWS WAF (Web Application Firewall) is now included in the set of services that are compliant with the Payment Card Industry Data Security Standard (PCI DSS 3.2) Merchant Level 1, the highest level of compliance for service providers.

PCI DSS complianceis a requirement for any business that stores, processes, or transmits credit card data. AWS WAF's PCI compliance now makes it easier for retail e-commerce, travel booking, ticket sale, or in-app purchase applications to integrate AWS WAF as a part of their architecture and adhere to PCI DSS. Customers who need to adhere to PCI compliance, can now use AWS WAF to protect their web applications from common web exploits like SQL Injection or Cross-Site Scripting, or content abuse like bots and scrappers, or attacks that consume excessive resources (like HTTPS floods).

Starting today, you can integrate with AWS Service Catalog user actions using the API and CLI. Previously, you could integrate with AWS Service Catalog only through the AWS Management Console. Now you can automate call patterns or integrate with your private console. The AWS Service Catalog API and console now support AWS CloudTrail logging.

AWS CloudTrail allows you to look up API calls and notable events that contain relevant details such as the user identity and source IP address of the API caller, and the AWS resources impacted by the API call. With the new capability, you can also access the configuration details of impacted resources and history of changes in AWS Config.

You can now add manual approval actions to different stages of your pipelines in AWS CodePipeline. This allows someone with the proper permissions to approve a code change before it can progress further down your pipeline. Manual approvals make it easier for your team to manage and review code changes before they are deployed.

We are happy to announce that Independent Software Vendors (ISVs) with legal entities in countries participating in the European Union (EU) can now register, list, and sell products on AWS Marketplace, bringing a broad new selection to AWS’s worldwide customers.

You can now use AWS Mobile Hub to model and store app data in a NoSQL database using the Wizard flow. This feature is powered by Amazon DynamoDB which provides a fully managed and fast (single-digit millisecond latency) service at any scale.

Amazon EC2 Run Command now works with any instance or virtual machine outside of AWS, including VMs running in your own data centers or in other clouds. If you have hybrid environments that span on-premises to AWS, you now have a consistent experience to extend your scripts across locations. Through a single interface, you can now run scripts for repetitive tasks for both Windows and Linux operating systems running within Amazon EC2, VMware ESXi, Microsoft Hyper-V, and many other platforms. With Amazon EC2 Run Command, you can automate administrative tasks such as executing Linux Shell scripts and commands, running Windows PowerShell commands, installing software or patches, and more across instances, irrespective of location.

You can now restore an encrypted Amazon Aurora cluster from an unencrypted backup. You can choose any existing KMS key or create a new key to encrypt the new database. For more information on creating encrypted Amazon Aurora databases, read the Amazon Aurora User Guide. To know more about Amazon Aurora, visit our product page.

AWS Security Fundamentals is a free, online course that introduces you to fundamental cloud computing and AWS security concepts, including AWS access control and management, governance, logging, and encryption methods. It also addresses security-related compliance protocols, risk management strategies, and procedures for auditing AWS security infrastructure. We have significantly updated this course to include new content, demos, and knowledge checks that help you learn about AWS security concepts and services. This self-paced course is aimed at IT business or security professionals interested in cloud security practices and AWS, as well as IT auditors, analysts, and regulators. You can learn about this course and others training resources at AWS Training.

We are excited to announce the release of Amazon Lumberyard Beta 1.3, which includes 130 new improvements, fixes, and features. Lumberyard Beta 1.3 introduces new graphics features to help your team build visually stunning games including: support for VR devices such as the Oculus Rift and HTC Vive, support for high-dynamic range (HDR) displays and their brighter pixels and wider color gamut, introduction of the Lumberyard Graphics Profiler that displays critical performance statistics in real time, and more. Read about the update in the GameDev Blog and the Lumberyard Beta 1.3 release notes.

In April, Amazon Web Services announced the availability of longer volume and snapshot IDs for EBS and Storage Gateway. Starting today, June 29, 2016, all newly created AWS accounts will use longer volume and snapshot IDs by default in all regions except China (Beijing) and AWS GovCloud (US). If you have not yet tested your systems for compatibility with longer volume and snapshot IDs, you still have the option to request the shorter ID format if necessary. For new AWS regions launching later in 2016, all accounts will default to longer EC2 and EBS IDs, with the option to opt out if needed.

Amazon VPC Flow Logs is now available in the Asia Pacific (Seoul) region. VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from your VPC. Once enabled for a particular VPC, Subnet or Elastic Network Interface (ENI), relevant network traffic will be logged to CloudWatch Logs for storage and analysis by your own applications or third-party tools. Additionally, metrics can be created to identify trends and patterns.

Amazon EFS provides simple, scalable file storage for use with Amazon EC2 instances in the AWS Cloud. Amazon EFS is easy to use and offers a simple interface that allows you to create and configure file systems quickly and easily. With Amazon EFS, storage capacity is elastic, growing and shrinking automatically as you add and remove files, so your applications have the storage they need, when they need it.

You can now use Amazon SNS to send SMS messages to phone numbers in 200+ countries. With the addition of the Worldwide SMS Delivery feature, Amazon SNS now offers a low cost, fully managed and highly scalable service that lets you deliver both transactional messages such as one-time passwords (OTP) and promotional messages such as marketing campaigns to your users across multiple destinations globally, over multiple channels such as text-messaging (SMS) mobile push, and email.

AWS is pleased to announce immediate availability of the new Asia Pacific (Mumbai) Region. Mumbai joins Beijing, Seoul, Singapore, Sydney, and Tokyo as the sixth AWS Region in Asia and as the thirteenth worldwide, bringing the total number of AWS Availability Zones to 35 worldwide.

Starting today, we are expanding Amazon WorkSpaces root volumes from 60GB to 80GB for all Amazon WorkSpaces bundles, at no additional cost to you. Larger volumes allow your users to install and run more applications and store more data, which means they can use their Amazon WorkSpace in more ways than before.

Today, the Amazon Fulfillment Technologies team is releasing the Amazon Bin Image Data Set, which is made up of over 1,000 images of bins inside an Amazon Fulfillment Center. Each image is accompanied by metadata describing the contents of the bin in the image. This is a limited release, and several hundred thousand images will be released this fall. Learn more about the data set on its Public Data Set landing page.

You can now use Network Address Translation (NAT) Gateway in the Asia Pacific (Seoul) region. NAT Gateway is a highly available AWS managed service that makes it easy to connect to the Internet from instances within a private subnet in an AWS Virtual Private Cloud (VPC). Previously, you needed to launch a NAT instance to enable NAT for instances in a private subnet.

You now have the ability to add, modify, remove, and list tags on an object through the Amazon Machine Learning (Amazon ML) console. Additionally, when objects are created through the Console wizard, existing tags of the antecedent objects (S3 bucket, Redshift cluster, Data source, ML model) will also be carried over into the new object.

You can now use Amazon Cognito to let your users sign-in through identity providers that support Security Assertion Markup Language (SAML) such as Microsoft Active Directory Federation Services (ADFS). You now have an additional option with SAML for adding sign-in to your mobile and web apps in addition to Cognito user pools, social identity providers such as Facebook, Twitter, and Google, Open ID Connect providers, and your own authentication system.

Customers can now more easily identify opportunities to optimize their AWS infrastructure with Trusted Advisor. With tagging support enabled, customers can filter Trusted Advisor reports using existing resource tags, and view best practice recommendations based on the context of their applications or workloads. AWS resources are often shared across multiple solutions, and tag-based views provide customers the ability to optimize based on the unique attributes of each workload.

AWS Identity and Access Management (IAM) service last accessed data is now available for two additional regions: South America (Sao Paulo) and Asia Pacific (Seoul). Service last accessed data helps you identify overly permissive policies attached to an IAM entity (a user, group, or role). With this release, you can view the date when an IAM entity last accessed an AWS service in these two regions.

You can now retry an action in AWS CodePipline after it has failed. Previously, you needed to manually restart the entire pipeline or commit a new change to your pipeline’s source stage to retry the failed action.

Today, we're announcing the ability to download your LOA-CFA for your Direct Connect connection in the AWS management console. This self-service feature makes it easier for you to access your LOA and provision your connection quicker. You now have access to your LOA anytime you need it from anywhere you can access the AWS console. Previously, LOAs were sent by email and if they expired after 90 days, you had to contact AWS Support for a refreshed LOA. Now, you can log into the AWS console and download your LOA without having to worry about which email address it was sent to.

Starting today, you can copy encrypted Amazon EBS snapshots between accounts, a capability previously supported only for unencrypted snapshots. Now you can easily copy encrypted snapshots between your development, test and production environments or between different department and project accounts. It also makes it easier for you to follow AWS security best practices which include copying encrypted snapshots to separately managed accounts, in the same or other regions, to provide an extra level of account isolation.

Amazon EC2 now fully supports SQL Server 2016, the most recent release of Microsoft SQL Server. SQL Server 2016 AMIs are available in four editions - Web, Express, Standard and Enterprise and runs on Windows Server 2012 R2. Amazon EC2 support for SQL Server 2016 enables you to leverage new capabilities such as real-time analytics, visualizations across devices, deeper security and new big-data solutions for your mission-critical applications running on AWS.

The AWS Partner Network (APN) is thrilled to announce the launch of the new AWS Government Competency. The AWS Competency Program is designed to highlight APN Partners who have demonstrated technical proficiency and proven customer success in specialized solution areas and categories.

You can now use the Oracle Repository Creation Utility (RCU) 12c to create schemas for Fusion Middleware components on Amazon RDS for Oracle. This feature is available with new Amazon RDS Oracle 12c and 11g database versions "11.2.0.4.v8", "12.1.0.1.v5" and "12.1.0.2.v4". These versions include the April 2016 Oracle Patch Set Updates (PSU). The “11.2.0.4.v8” and “12.1.0.2.v4” versions include the recommended database patches for Oracle GoldenGate. We also added the ability to grant privileges on SYS objects with the “grant option” to the versions.

You can now quickly create cross-region read replicas for your unencrypted Amazon RDS for PostgreSQL database instances with just a few clicks on the AWS Management Console. You can use this feature to reduce read latency for your customers in different geographic locations, to create a backup of your primary database for disaster recovery purposes, or quickly migrate your database to a different AWS Region.

Form 990 is the form used by the United States Internal Revenue Service (IRS) to gather financial information about nonprofit organizations. Data from over 1,000,000 IRS 990 electronic filings are now available for anyone to use via Amazon S3. Electronic filings from 2011 to the present are currently available, and the IRS will add new 990 filing data each month.

We are pleased to announce that we’ve added a new edge location in New Delhi, India for Amazon CloudFront and Amazon Route 53. The New Delhi location is our third edge location in India (joining Mumbai and Chennai), and brings the total number of worldwide edge locations to 56.

In December, AWS Identity and Access Management (IAM) released service last accessed data, which shows the time when an IAM entity (a user, group, or role) last accessed an AWS service. This provided a powerful tool to help you grant least-privilege permissions. Starting today, it’s easier to identify where permissions can be reduced based on additional service last accessed data. With this release, you have access to the following for IAM entities and policies:

AWS Config Rules is a set of governance capabilities that allow IT Administrators to define guidelines for provisioning and configuring AWS resources and then continuously monitor compliance with those guidelines. You can choose from a collection of AWS managed rules, which are predefined, customizable rules that are based on common best practices. AWS Config now offers a new managed rule that checks Amazon EC2 instances for a specified tenancy (host, dedicated or default). You can provide an Amazon Machine Image (AMI) ID to check EC2 instances launched only from that AMI and also specify an EC2 Dedicated Host ID to check whether your EC2 instances are launched on that EC2 dedicated host. This rule enables you to assess compliance with your server-bound software licenses by checking whether your EC2 instances are launched on a physical server dedicated to your use.

Amazon SES can now include the original email headers in the bounce, complaint, and delivery notifications it provides through Amazon SNS. This feature enables you to more easily match a notification to the specific email that triggered it, because the notification can contain the email headers that you used when you passed the email to Amazon SES. Previously, when you wanted to match a notification to a specific sent email, you needed to store a mapping between the email and the message ID that Amazon SES returned when you sent the message. Now, you can add a custom header to the email and then retrieve that custom header from the notification, without storing the message ID on your side. You can include any other custom headers that might be useful to you. For example, resellers can now add client identifiers for improved tracking.

This Quick Start automates the deployment of Microsoft business productivity servers on the AWS cloud. It deploys the four most popular Windows servers in a highly available Multi-AZ architecture on AWS: SQL Server, Exchange Server, Lync Server, and SharePoint Server. The deployment also includes Active Directory Domain Services as the foundation for these business productivity servers.

The AWS Partner Network (APN) is thrilled to announce the launch of the new AWS Migration Competency. The AWS Competency Program is designed to highlight APN Partners who have demonstrated technical proficiency and proven customer success in specialized solution areas and categories.

You now have the ability to add, modify, remove, and list tags on an object through the Amazon Machine Learning (Amazon ML) API. You can also grant and revoke permissions for these operations through Identity and Access Management (IAM) on the API.

AWS Directory Service for Microsoft Active Directory (Enterprise Edition), also known as Microsoft AD, is now available in the EU (Frankfurt) Region. This makes it possible for you to use an AWS fully managed Active Directory in the cloud. Among the use cases supported by Microsoft AD, you can:

Amazon VPC Flow Logs is now available in the Beijing (China) region. VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from your VPC. Once enabled for a particular VPC, VPC subnet or Elastic Network Interface (ENI), relevant network traffic will be logged to CloudWatch Logs for storage and analysis by your own applications or third-party tools. Additionally, metrics can be created to identify trends and patterns.

Starting today, you can now use the new Amazon EC2 Spot Jenkins plug-in to help you save up to 90% off Jenkins infrastructure costs, compared to when running them on Amazon EC2. This plug-in makes it easier to save money with EC2 Spot instances, by allowing you to configure Jenkins to automatically scale a fleet of Spot instances up or down depending on the number jobs to be completed. To learn more and get started, download the plug-in.

You can now choose AWS OpsWorks as a deployment provider in your software release pipelines modeled in AWS CodePipeline. This lets you automate the release of updated application code and Chef cookbooks to your applications and instances running in OpsWorks.

Data Warehousing on AWS is a new three-day course that is designed for database architects, database administrators, database developers, and data analysts/scientists. It introduces you to concepts, strategies, and best practices for designing a cloud-based data warehousing solution using Amazon Redshift. This course demonstrates how to collect, store, and prepare data for the data warehouse by using other AWS services such as Amazon DynamoDB, Amazon EMR, Amazon Kinesis, and Amazon S3. Additionally, this course demonstrates how you can use business intelligence tools to perform analysis on your data. Organizations who are looking to get more out of their data by implementing a Data Warehousing solution or expanding their current Data Warehousing practice are encouraged to sign up.

Starting today, customers can launch MariaDB version 10.1 instances on Amazon RDS. They can also upgrade their existing Amazon RDS for MariaDB database instances from version 10.0 to 10.1 using either the console or API.

We recognize how important it is for APN Partners to learn how AWS solutions can solve customer business needs. To this end, we’ve expanded our AWS Solutions Training for Partners with a second topic on Big Data & Analytics. This workshop is designed to help business professionals at APN Consulting Partner firms understand and address big data and analytics challenges faced by small-medium and enterprise businesses. We cover AWS best practices and case studies, and discuss how to address customer pain points with AWS big data and analytics solutions. This free, one day workshop compliments and extends concepts from the Big Data & Analytics e-learning and AWS Business Professional, which are both free, online courses available to all APN Partners via the APN Portal.

This major update to the NIST 800-53 Quick Start (published earlier this year) deploys a standardized environment that helps support additional NIST-based security requirements on the AWS cloud. Specifically, it helps organizations with workloads that fall in scope for any of the following:

Starting today, you can create cross-region read replicas for Amazon Aurora. This allows you to serve read traffic from your users in different geographic regions and increases your application’s responsiveness.

AWS Config is now available in the AWS GovCloud (US) region. AWS Config is a fully managed service that gives you an inventory of your AWS resources, notifies you when the configurations of your resources change, and lets you audit the history of the configurations for those resources to enable security and governance.

You can now export your ElastiCache for Redis snapshots to an Amazon S3 bucket of your choice. Please note that you need to use an authorized Amazon S3 bucket in the same region as your cluster. For more details, please refer to Jeff Barr’s blog and the ElastiCache documentation.

You can now get up to 60% higher query throughput (as measured by standard benchmarks TPC-DS, 3TB) in Amazon Redshift as a result of improved memory allocation, which reduces the number of queries spilled to disk. This new improvement is available in version 1.0.1056 and above. Combined with the I/O and commit logic enhancement released in version 1.0.1012, it delivers up to 2 times faster performance for complex queries that spill to disk, and queries like SELECT INTO TEMP TABLE that create temporary tables.

UNION ALL performance improvement: Business analytics often involves time-series data, which is data generated or aggregated daily, weekly, monthly or at other intervals. By storing time-series data in separate tables—one table for each time interval—and using a UNION ALL view over those tables, you can avoid potentially costly table updates. Amazon Redshift now runs UNION ALL queries up to 10 times faster if they involve joins, and up to 2 times faster if they don’t involve any joins. This performance improvement is automatic and requires no action on your part and is available in version 1.0.1057 and above. For more information about UNION ALL views and time-series tables, see Using Time-Series Tables in the Amazon Redshift Database Developer Guide.

You can now use Amazon Elastic Transcoder to create MPEG-DASH streams. MPEG-DASH is a standard for HTTP based adaptive bitrate streaming of video. With Elastic Transcoder support for MPEG-DASH, you can now reach a wide range of DASH-compatible devices (from desktop to mobile and OTT) with fewer output renditions created using the same easy workflows that Elastic Transcoder supports for HLS and Smooth Streaming. This enables you to simplify your video processing workflows and helps improve cost efficiency.

Instance Console Screenshot provides an on-demand screenshot of the instance console, conveying valuable debug information. This capability is particularly useful when diagnosing instances that have become unreachable via RDP (Windows) or SSH (Linux) due to in-progress software updates, VM Import issues, or other blocking system events. Screenshots can be viewed in the AWS console or accessed via the AWS API or CLI, with both Linux and Windows instances supported.

This Quick Start deploys a standardized environment that helps organizations with workloads that fall in scope for Payment Card Industry (PCI) Data Security Standard (DSS) compliance. The Quick Start includes AWS CloudFormation templates that automate the deployment, relying on the requirements of PCI DSS version 3.1. The Quick Start also includes a security controls reference, which maps security controls to the reference architecture, and a deployment guide, which provides step-by-step instructions for deploying and configuring the environment.

You can now use SSL/TLS certificates provisioned from AWS Certificate Manager with your AWS Elastic Beanstalk environments by selecting a certificate from the Elastic Beanstalk console. This helps you easily secure network communications between your Elastic Beanstalk applications and end users.

We are pleased to announce that the AWS Schema Conversion Tool now supports SSL connections. SSL support is for both source and target engines including PostgreSQL, Oracle, SQL Server, and any MySQL compatible engine including Amazon’s next generation cloud database, Aurora. This release builds upon the existing conversion rules adding support for conversion of Oracle Synonyms to PostgreSQL schema search paths.

We are excited to announce Amazon EC2 X1 instances. X1 instances extend the elasticity, simplicity, and cost savings of the AWS cloud to enterprise-grade applications with large dataset requirements. X1 instances are ideal for running in-memory databases like SAP HANA, big data processing engines like Apache Spark or Presto, and high performance computing (HPC) applications. X1 instances are certified by SAP to run production environments of the next-generation Business Suite S/4HANA, Business Suite on HANA (SoH), Business Warehouse on HANA (BW), and Data Mart Solutions on HANA on the AWS cloud.

Starting today, you can share your Amazon Aurora snapshots with another AWS account, or make your snapshots publicly available. You can privately share your database snapshots with up to 20 AWS accounts by selecting "Share Snapshots" on the RDS console and choosing the "Private" option. You can also make your snapshot available to all AWS users by selecting the "Public" option. Access to the publically or privately shared snapshots can be revoked by you at any time. Recipient of a shared snapshot can copy it to their account, or restore it directly to an Aurora cluster.

Amazon Elasticsearch Service is a managed service that makes it easy to deploy, operate, and scale Elasticsearch on AWS. You can now add up to 20 data nodes and 5 dedicated master nodes to your Amazon Elasticsearch domains. The previous limit was a total instance count of 10 including both data nodes and dedicated master nodes. This effectively increases the maximum amount of data you can store in an Amazon Elasticsearch domain from 12 TB to 24 TB with i2.2xl instances and from 4 TB to 8 TB for EBS-backed domains. For more information, see Creating and Configuring Amazon ES Domains and Amazon Elasticsearch Service Limits in the Amazon Elasticsearch Service Developer Guide.

Amazon Kinesis Firehose, the easiest way to load streaming data into AWS, now supports configurable retry duration for ingesting data into Amazon Redshift. You can now configure your Firehose delivery streams to retry the Redshift COPY for any time period up to a maximum of 7200 seconds. If the Redshift COPY command fails for any reason, Amazon Kinesis Firehose re-tries the command for the duration of the retry period you specify.

Starting today, you can use tags to manage and track your Amazon WorkSpaces. Tags let you categorize your Amazon WorkSpaces so you can easily identify their purpose and track costs accordingly. For example, you could use tags to identify all the Amazon WorkSpaces for a particular department, project, application, vendor, or use case. Once you have tagged your Amazon WorkSpaces, you can use the AWS Tag Editor console (starting in June 2016) to filter and search by specific tags, and obtain usage and cost details for particular tags by signing up to get your AWS account bill with tag key values included.

You can now provision SSL/TLS certificates from AWS Certificate Manager in nine additional Regions. In addition to US East (N.Virginia), AWS Certificate Manager is now available in US West (N. California), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), and South America (Sao Paulo).

AWS Config made available several improvements to customers of Config Rules. Customers now receive notifications about changes to tags on resources within minutes, enabling improved accuracy of the required-tags Config Rule. Customers also get a new managed rule that checks whether the root user of their AWS account requires multi-factor authentication for console sign-in. A new Java sample for this rule is now available in the Config Rules GitHub repository. Additionally, customers can now view their custom annotations for compliant or noncompliant changes on the Config Rules console, and receive finer grained status about rule invocation and evaluation timestamps on the Config Rules detail page.

We are excited to announce a new edge location in Seoul, Korea for Amazon CloudFront. This is the third edge location in Seoul, Korea and brings the total number of worldwide edge locations to 55. The new edge location helps improve performance and availability for end users of your application and supports Amazon CloudFront features at no additional cost.

Today, we are excited to announce EC2 Run Command document sharing. This new capability lets you collaborate with other users on developing new custom commands. Using EC2 Run Command, you can create custom commands (called Run Command documents), share documents with other AWS users, and find documents shared with you. You can share Run Command documents privately or publish them publicly for the AWS Community to use.

AWS Application Discovery Service helps Systems Integrators quickly and reliably plan application migration projects by automatically identifying applications running in on-premises data centers, their associated dependencies, and their performance profile. Planning data center migrations can involve thousands of workloads that are often deeply interdependent. Application discovery and dependency mapping are important early first steps in the migration process, but difficult to perform at scale due to the lack of automated tools. AWS Application Discovery Service automatically collects configuration and usage data from servers, storage and networking equipment to develop a list of applications, how they perform, and how they are interdependent. This information is securely retained in an AWS Application Discovery Service database which you can export as a CSV or XML file into your preferred visualization tool or cloud migration solution to help reduce the complexity and time in planning your cloud migration.

You can now provision M4, C4, R3, I2, and D2 Amazon EC2 Dedicated Hosts in the Asia Pacific (Seoul) Region. Dedicated Hosts are physical servers with EC2 instance capacity fully dedicated for your use. Dedicated Hosts can help you reduce costs by allowing you to use your existing server-bound software licenses, including Windows Server, SQL Server, and SUSE Linux Enterprise Server, and can also help you meet compliance requirements. For more information on Dedicated Host availability and pricing, visit the Dedicated Hosts pricing page.

EC2 Auto Recovery, an Amazon EC2 feature designed to increase instance availability, is now available in Beijing (China). With Auto Recovery, you can automatically recover supported instances when a system impairment is detected. Auto Recovery keeps your existing instance running and automatically recovers your instance on new underlying hardware, if needed, so you do not generally need to migrate to a new instance.

Recently, Oracle certified their suite of Siebel CRM Applications to operate on Amazon Web Services infrastructure. Today, we are releasing a tutorial for guiding you through the setup of Amazon RDS for Oracle as the database backend of your Siebel CRM Application.

In December 2015, we released Enhanced Monitoring for Amazon RDS so customers could get deeper visibility into their Amazon RDS instances in real time. Enhanced Monitoring provides a comprehensive set of 56 system metrics and aggregated process information at granularity of up to 1 second. You can visualize the metrics on the RDS console and also integrate them with CloudWatch and third-party applications such as Datadog.

AWS Database Migration Service now supports Amazon Redshift as a migration target. This allows you to stream data to Amazon Redshift from any of the supported sources including Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and SQL Server, enabling consolidation and easy analysis of data in the petabyte-scale data warehouse.

AWS DevDay is a free full-day technical event on June 21 at the AMC Metreon 16 in San Francisco. New developers will learn about some of the hottest topics in cloud computing and experienced developers can dive deep on newer AWS services.

We are excited to announce the release of Amazon Lumberyard Beta 1.2, which includes 218 new improvements, fixes, and features to Amazon’s free, cross-platform, 3D engine that enables developers to create the highest-quality games, connect their games to the AWS Cloud, and engage fans on Twitch. Lumberyard Beta 1.2 introduces improvements to 20 of Lumberyard’s technology components, including the particle editor, networking, FBX importer, Cloud Canvas Resource Manager, and more. Read about the update in the Lumberyard blog or for more detail check the full Lumberyard Beta 1.2 release notes.

BACKUP NO option when creating tables: You can now use the BACKUP NO option with the CREATE TABLE command, and improve data loading and cluster performance. For tables, such as staging tables, which contain only transient and pre-processed data, specify BACKUP NO to save processing time when creating snapshots and restoring from snapshots. This option also reduces storage space used by snapshots.

You can now log all your API calls to AWS WAF through AWS CloudTrail, the AWS service that records API calls for your account and delivers log files to your Amazon S3 bucket. CloudTrail logs can be used to enable security analysis, track changes to your AWS resources, and aid in compliance auditing. Integrating AWS WAF and CloudTrail lets you determine which requests were made to the AWS WAF API, the source IP address from which each request was made, who made the request, when it was made, and more.

The MariaDB audit plug-in is now available for RDS MySQL (5.6.29 and 5.7.11) and RDS MariaDB 10.0.24 instances. The MariaDB audit plug-in provides event logging for database activity to help customers meet corporate compliance requirements and troubleshoot application issues. Some of the key details for implementing the plugin are:

Enabling and disabling the audit plug-in – Users can enable audit plug-in by creating an option group, adding MARIADB_AUDIT_PLUGIN option to the group, and attaching the option group to the RDS instance. Audit logging can be disabled by simply removing the option group from the instance.

SERVER_AUDIT_EVENTS variables – These variables allow users to specify the events they want to include in the logs (CONNECTION: users connecting and disconnecting, QUERY: queries and their result, and TABLE: which tables are affected by the queries).

SERVER_AUDIT_EXCL_USERS and SERVER_AUDIT_INCL_USERS variables – These variables specify which users' activity should be excluded from or included in the audit. SERVER_AUDIT_INCL_USERS has the higher priority and all users' activity is recorded by default.

The MariaDB audit plug-in for RDS MySQL and MariaDB is available in all supported RDS regions.

We are excited to announce ClassicLink support for Virtual Private Cloud (VPC) peering connections. This feature enables communication between linked EC2-Classic instances and resources in a peered VPC over private IP address space. The EC2-Classic instance and the peered VPC can be in different accounts. ClassicLink support for VPC peering simplifies communication between an EC2-Classic instance and a peered VPC.

This new Quick Start automates the deployment of Ansible Tower on the AWS cloud. Ansible is an IT DevOps tool that handles cloud provisioning, configuration management, application deployment, intra-service orchestration, continuous delivery, and many other IT processes. Ansible Tower is a web-based user interface for Ansible.

You can now use AWS Mobile Hub to add a fully managed cloud database service to your mobile app. This feature is powered by Amazon DynamoDB which provides a fast (single-digit millisecond latency) service at any scale.

AWS CloudTrail, a service that captures specific API calls and delivers log files to an Amazon S3 bucket, now includes logging for the AWS Support API. This allows you to track API calls made from the AWS Support console or from your code to the AWS Support APIs. Log information includes the API action, the date and time of the request, and the IP address and user name of the requester. For more information, see Logging AWS Support API Calls with AWS CloudTrail.

You can now use Apache HBase 1.2 on Amazon EMR release 4.6.0. Apache HBase is a massively scalable, distributed big data store in the Apache Hadoop ecosystem. It is an open-source, non-relational, versioned database which runs on top of the Hadoop Distributed Filesystem (HDFS), and it is built for random, strictly consistent realtime access for tables with billions of rows and millions of columns. It has tight integration with Apache Hadoop, Apache Hive, and Apache Pig, so you can easily combine massively parallel analytics with fast data access. Apache HBase's data model, throughput, and fault tolerance are a good match for workloads in ad tech, web analytics, financial services, applications using time-series data, and many more.

Amazon VPC Flow Logs is now available in the Sao Paulo region. VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from your VPC. Once enabled for a particular VPC, VPC subnet or Elastic Network Interface (ENI), relevant network traffic will be logged to CloudWatch Logs for storage and analysis by your own applications or third-party tools. Additionally, metrics can be created to identify trends and patterns.

You can now use Amazon Elastic Transcoder to create WebM outputs using the VP9 codec. VP9 is primarily used for web video and achieves lower bitrates without sacrificing quality. You can try out this format by using the newly available system presets.

AWS Application Discovery Service helps Systems Integrators quickly and reliably plan application migration projects by automatically identifying applications running in on-premises data centers, their associated dependencies, and their performance profile. Planning data center migrations can involve thousands of workloads that are often deeply interdependent. Application discovery and dependency mapping are important early first steps in the migration process, but difficult to perform at scale due to the lack of automated tools. AWS Application Discovery Service automatically collects configuration and usage data from servers, storage and networking equipment to develop a list of applications, how they perform, and how they are interdependent. This information is securely retained in an AWS Application Discovery Service database which you can export as a CSV or XML file into your preferred visualization tool or cloud migration solution to help reduce the complexity and time in planning your cloud migration.

You can now choose to have your AWS Elastic Beanstalk environments automatically update to the latest version of the underlying platform running your application during a specified maintenance window. Elastic Beanstalk regularly releases new versions of supported platforms (i.e., Java, PHP, Ruby, Node.js, Python, .NET, Go, and Docker) with operating system, web & application server, and language & framework updates. Previously, you had to manually initiate updates to your Elastic Beanstalk environments using the Elastic Beanstalk console, command line interface (CLI), or API. Now, you can simply select a weekly maintenance window and have Elastic Beanstalk automatically update the platform version of your environment during that window.

We are pleased to announce the 80 TB Snowball appliance, a larger capacity Snowball that enables more data to be securely moved in or out of AWS with fewer jobs. Since first launching Snowball at Re:Invent 2015, customers have successfully migrated petabytes of data to AWS using the 50TB Snowball and avoided challenges typically associated with large-scale data transfers such as high network costs, long transfer times, and security concerns. With the new 80 TB Snowball, customers can move 60% more data with a single job, thereby requiring fewer jobs to move large amounts of data, reducing per-job fees and shipping costs, and enabling faster migration of data.

Today we’re excited to announce that Amazon Inspector has exited preview and is now generally available to all customers. Amazon Inspector is a security vulnerability assessment service that helps improve the security and compliance of applications deployed on Amazon EC2. Amazon Inspector automatically assesses applications for vulnerabilities or deviations from best practices, and then produces a detailed list of security findings prioritized by level of severity. Amazon Inspector includes a knowledge base of hundreds of rules mapped to common security standards and vulnerability definitions that are regularly updated by AWS security researchers.

Amazon Kinesis Streams enables you to build custom applications that process or analyze streaming data for specialized needs. Today we are adding two new features, time-based shard iterators and shard-level metrics, to make it easy to replay and manage your Amazon Kinesis streams.

You can now use Cognito Identity to easily and securely add user sign-up and sign-in to your mobile and web apps. Cognito Identity can scale to support hundreds of millions of users, and is fully managed so you don’t have to worry about building, securing, and scaling a solution to handle user management and authentication.

Starting today, you can save up to 50% on Amazon Elastic Block Store (EBS) by launching Amazon EC2 instances and Amazon Elastic MapReduce (EMR) clusters with two new EBS volumes, Throughput Optimized HDD (st1) and Cold HDD (sc1). These new volume types offer better price performance, improved performance consistency, and higher throughput compared to our existing EBS Magnetic offering. Both are designed for throughput-intensive and big data workloads, which are characterized by having large data sets, large I/O sizes, and sequential I/O patterns. Examples of these workloads include MapReduce, Kafka, log processing, data warehouse, and ETL.

We're pleased to announce Amazon S3 Transfer Acceleration, a faster way to move data into your Amazon S3 bucket over the internet. Amazon S3 Transfer Acceleration is designed to maximize transfer speeds when you need to move data over long distances, for instance across countries or continents to your Amazon S3 bucket. It works by carrying HTTP and HTTPS traffic over a highly optimized network bridge that runs between the AWS Edge Location nearest to your clients and your Amazon S3 bucket. There are no gateway servers to manage, no firewalls to open, no special protocols or clients to integrate with, or upfront fees to pay. You simply change the S3 endpoint that your application uses to transfer data, and acceleration is automatically applied. When moving GBs or TBs of data over long distances, it can save hours (or even days) in transfer time. You can try the Transfer Acceleration speed comparison tool to get a preview of the performance benefits.

Amazon Kinesis Firehose, the easiest way to load streaming data into AWS, now supports Amazon Elasticsearch Service as a data delivery destination. You can now use Amazon Kinesis Firehose to stream data to your Amazon Elasticsearch domains continuously and in near real time. Amazon Kinesis Firehose automatically scales to match the throughput of your data and handles all the underlying stream management. For more information, see the Amazon Kinesis Firehose website and developer guide.

You can now use AWS Device Farm for manual tasks like debugging new functionality, running manual tests, and reproducing customer issues. Simply choose an Android device and swipe, gesture, and interact with it from your web browser.

You can now provision Amazon API Gateway using AWS CloudFormation. API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. Learn more here.

You can now choose AWS CodeCommit as a source provider in your software release pipelines modeled in AWS CodePipeline. This lets you select CodeCommit repositories and branches in the source stage of your pipelines.

You can now configure AWS IoT Rules to route device-generated data directly to Amazon Machine Learning, enabling you to create machine learning (ML) models without having to learn complex ML algorithms and technology. With Amazon Machine Learning integration, you will be able to generate billions of predictions daily, and serve those predictions in real-time and at high throughput.

You now have the ability to quickly and easily create new Amazon Redshift datasources in Amazon Machine Learning (Amazon ML) by copying settings from an existing Amazon Redshift datasource. A new option on the Amazon ML console allows you to select an existing Redshift datasource to copy the Redshift cluster name, database name, IAM role, SQL query and staging data location, to automatically populate these fields in the Create Datasource wizard. You can modify the settings before the new datasource is created, for example, to change the SQL query, or to specify a different IAM role to access the cluster.

We are pleased to announce that the AWS Schema Conversion Tool now supports conversions between two popular open source engines: MySQL and PostgreSQL. Conversions can be run in either direction and using any MySQL compatible engine including Amazon’s next generation cloud database, Aurora. This release builds upon existing support for conversions from Oracle and SQL Server to PostgreSQL and MySQL. SCT now includes further improvements in conversion rules between all engines and a revised assessment report.

Amazon Kinesis Agent is a pre-built Java application that offers an easy way to collect and send data to Amazon Kinesis Streams and Amazon Kinesis Firehose. The agent monitors a set of files for new data and continuously sends it to Amazon Kinesis Streams or Amazon Kinesis Firehose.

A new set of review, guidance and reporting activities have been formalized to help customers prepare, manage, and optimize their cloud operations. Included with the Enterprise support plan, Operations Support enables customers to work with their Technical Account Manager to gain:

Operational insight: Operations assessments and analysis to identify gaps across the operations lifecycle, as well as recommendations based on best practices.

AWS IoT now offers APIs to register and use security certificates signed by your Certificate Authority (CA) as an alternative to using certificates that were generated by AWS IoT. This allows your connected devices with existing or new certificates signed by your signing certificate seamless access to AWS IoT.

Amazon RDS for PostgreSQL now supports major version 9.5, which contains several new features including UPSERT capability, Row Level Security (RLS) and several Big Data capabilities. In addition to supporting the new major version of PostgreSQL, 9.5, RDS for PostgreSQL also supports new minor versions 9.4.7 and 9.3.12, which contain several enhancements and fixes. All three versions are available to use starting today.

You can now select from two additional deployment policies, immutable and rolling with additional batch, when deploying application code using AWS Elastic Beanstalk. This is in addition to the two existing deployment policies that Elastic Beanstalk currently supports (i.e. rolling, all at once). You can now select one of these four deployment policies when updating your applications. Elastic Beanstalk also lets you perform DNS-based blue/green updates in addition to the four deployment policies.

We continuously enhance our technical courses to stay current with the pace of AWS platform updates and incorporate student feedback. We have made substantial updates to our two foundational training courses to better provide students with actionable knowledge to get started creating solutions with AWS and a path to advanced learning.

You can now develop your AWS Lambda functions using Node.js 4.3.2 in addition to Node.js 0.10.4. In addition to the leveraging new features in Node.js 4.3 such as ES6 support, Lambda functions written in Node.js 4.3 can now use standard Node.js callback conventions to specify error or return values for the function execution. Previously, returning values from a Lambda function required the use of methods specific to the Lambda programming model. See our documentation to learn more about implementing callbacks within Lambda functions.

Today, we made it easier for you to configure trust relationships between your AWS Directory Service for Microsoft Active Directory (Enterprise Edition)—also known as Microsoft AD—and your on-premises Microsoft Active Directory domains. Establishing trust relationships requires conditional forwarders, which resolve Domain Name System (DNS) queries between the domain names of the trusting directories. You now can more easily configure conditional forwarders using the Directory Service console, which eliminates the need to install DNS Manager on a Microsoft Windows Server instance in your Amazon Virtual Private Cloud (VPC).

AWS Config Rules allow you to create rules that continuously check the configuration of AWS resources recorded by AWS Config, and notifies when resources do not comply with these guidelines. Using the rules dashboard, you can track overall compliance status and troubleshoot specific resource configuration changes that led to noncompliance.

You now have the ability to shuffle your training data with Amazon Machine Learning (Amazon ML) for improved ML model quality. Amazon ML creates better ML models when input rows are presented to the ML algorithm in a random order. With this new training parameter option, you can have Amazon ML shuffle the order of the rows of your training data. Data shuffling will be turned on by default in the Amazon ML console when you create an ML model. You can control this option through the console, or turn data shuffling on through the API and SDK.

We are excited to announce the launch of three new health checking features for Amazon Route 53:

Metric Based Health Checks let you perform DNS failover based on any metric that is available within Amazon CloudWatch, including AWS-provided metrics and custom metrics from your own application. When you create a metric based health check within Amazon Route 53, the health check becomes unhealthy whenever its associated Amazon CloudWatch metric enters an alarm state.

Amazon API Gateway now supports importing Swagger API definitions. Previously, you would use the Swagger importer tool to import Swagger definitions into API Gateway. Now, you can import your Swagger API definitions into API Gateway through the AWS Management Console, CLI, and SDK. This allows you to easily create and deploy new APIs as well as update existing APIs in Amazon API Gateway.

You can now view Amazon Aurora clusters on the RDS console. Managing multiple clusters in your fleet is easier as the cluster view allows you to modify and delete clusters as well as manage the Aurora instances on them. For more information on the cluster view and APIs, read the Amazon Aurora User Guide. To know more about Amazon Aurora, visit our product page.

You can now launch new Oracle 12c and 11g database versions "11.2.0.4v7", "12.1.0.1.v4" and "12.1.0.2.v3" that include the January 2016 Oracle Patch Set Updates (PSU). In new versions, we also increased the limit on number of custom Oracle directories to 10,000 and enabled re-granting of read privileges on Oracle dump directories.

Amazon Aurora is now available to customers in AWS Asia Pacific (Seoul) region. Amazon Aurora is a MySQL-compatible relational database management system (RDBMS) that combines the speed and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases. Amazon Aurora provides up to five times better performance than MySQL at a price point one tenth that of a high-end commercial RDBMS while delivering similar performance and availability.

Amazon RDS now offers Multi-AZ support for Amazon RDS for SQL Server in the Asia Pacific (Seoul) AWS Region. This new high availability option leverages SQL Server Mirroring technology with additional improvements to meet the requirements of enterprise-grade production workloads running on SQL Server. The Multi-AZ deployment option provides enhanced availability and data durability by automatically replicating database updates between two AWS Availability Zones. Availability Zones are physically separate locations with independent infrastructure engineered to be insulated from failures in other Availability Zones.

AWS Config is now available in the Asia Pacific (Seoul) region. AWS Config is a fully managed service that gives you an inventory of your AWS resources, notifies you when the configurations of your resources change, and lets you audit the history of the configurations for those resources to enable security and governance.

AWS CloudFormation has updated support for three services. You can now provision the following features using CloudFormation:

Amazon Simple Storage Service (S3) updated support

Specify one or more transition rules for S3 buckets with versioning enabled. These define how S3 manages objects during their lifetime, such as automated transition of less-frequently accessed objects to low-cost storage alternatives and scheduled deletions.

Four new checks have been added to Trusted Advisor to provide recommendations related to Amazon S3, Amazon Redshift, Amazon EC2 Reserved Instances, and security. Additionally, the service limits check now includes IAM. These checks provide further guidance to help provision your resources based on AWS best practices.

Amazon S3 Bucket Versioning (New): Checks for Amazon Simple Storage Service buckets that do not have versioning enabled, or have versioning suspended.

Exposed Access Keys (New): Checks for access keys that have been exposed to the public and for Amazon Elastic Compute Cloud (Amazon EC2) usage that could be the result of a compromised access key.

EC2 Reserved Instance Lease Expiration (New): Checks for Amazon EC2 Reserved Instances that are scheduled to expire within the next 30 days or have expired in the preceding 30 days.

Service Limits (Updated): Added Identity and Access Management (IAM) limits to the service limits check, to include items such as number of instance profiles, roles, server certificates, groups, or users in an AWS account.

You can now view change sets before updating your stacks in AWS CloudFormation. This helps you understand the resource-level changes (e.g. adding, deleting, or modifying instances) which CloudFormation will apply to your live stack when you are updating your AWS infrastructure. Previously, you could not see the specific changes that CloudFormation would apply to your stack before submitting changes.

You can now assign one or more AWS Identity and Access Management (IAM) roles to your Amazon Redshift cluster for data loading and exporting. Amazon Redshift assumes the assigned IAM roles when you load data into your cluster using the COPY command or export data from your cluster using the UNLOAD command. It uses the resulting credentials to access other AWS services, such as Amazon S3, securely during these operations. IAM roles enhance security of your cluster and simplify data loading and exporting by eliminating the need for you to embed AWS access credentials within SQL commands. They also enable your cluster to periodically re-assume an IAM role during long-running operations. Handling of data encryption keys for COPY and UNLOAD commands remains unchanged.

You can now configure AWS WAF to block, allow, or monitor (count) requests based on Cross-Site Scripting (XSS) match conditions. XSS attacks are those where the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts (like Javascript) into other legitimate user’s web browsers. This XSS match condition feature prevents these vulnerabilities in your web application by inspecting different elements of the incoming request.

In October of 2015, we added support for the popular open source MariaDB database in Amazon RDS and have since seen rapid adoption by customers. Amazon RDS supports MariaDB instances running in Single-AZ or Multi-AZ configurations in all AWS regions. Today we are extending the RDS Service Level Agreement ("SLA") that covers Multi-AZ instances for MySQL, Oracle, and PostgreSQL to include Amazon RDS for MariaDB.

Starting today, Amazon RDS supports two new features for RDS for PostgreSQL database instances: the option to enforce only SSL connections to your instance, and near-realtime access to a set of 56 system and process metrics for your instance.

You can use AWS Mobile Hub to develop apps in Swift. Simply login to the AWS Mobile Hub console to create a project and select features for your app including user authentication, data storage, backend logic, push notifications, content delivery, and analytics, then choose Swift from the build tab of your project. AWS Mobile Hub automatically provisions these features and generates a working quickstart app for iOS that you can use as a foundation for your app, or cut and paste code snippets to your existing app.

AWS continues to innovate at a rapid pace, and one of the keys to building a successful business on AWS is ensuring you can accurately explain the value and operation of AWS and its latest features. AWS Business and Technical Professional courses consist of e-learning modules and assessments designed to help you stay current. Today we’re making them available in additional languages— Simplified Chinese, Japanese, Korean, French, German, and Brazilian Portuguese, with Spanish to follow soon. These courses are available at no cost to APN Partners via the APN Portal. Once you successfully complete all course assessments, you achieve an accreditation that validates your role-specific knowledge.

Support for multiple trails: You can now create up to 5 trails in the AWS GovCloud (US) region. Different stakeholders such as IT auditors, security administrators, and developers can create and manage their own trail. Additionally, you can prescribe granular access control to allow or deny access to specific trails for particular users. For more details, refer to the Multiple Trails section of the CloudTrail User Guide. One trail per region is free. Charges apply for additional trails. For pricing details, go to the CloudTrail pricing page.

Amazon EC2 Spot instances are now available in the Asia Pacific (Seoul) region. AWS customers in the area can now use Spot instances to save up to 90% compared to On-Demand prices by bidding on unused Amazon EC2 capacity. In addition to reducing the cost of running your applications, you can also use Spot instances to increase your computing scale and throughput for the same budget and enable new types of cloud computing applications.

You can now scale up your existing ElastiCache for Redis clusters to a larger node type with a few clicks. Simply modify your node type by choosing from the available options and let ElastiCache manage the rest. Your existing node endpoints will persist, thus no application update is required. Scale up for Redis is designed to make a best effort to retain your existing data and requires Redis replication to succeed. For more details, please refer to Jeff Barr’s blog and ElastiCache Documentation.

Amazon RDS for SQL server now supports authentication using the Windows Authentication method. You can now enable your applications to authenticate against Amazon RDS for SQL Server using credentials stored in the AWS Directory Service for Microsoft Active Directory (Enterprise Edition). Keeping all of your credentials in the same directory will save you time and effort because you will no longer have to find and update each copy of the credentials in separate repositories. This may also improve your overall security profile. Windows Authentication support is now available for new instances as well as existing instances.

Today we are announcing the availability of two new CloudWatch metrics for monitoring network packets on EC2 instances. The new metrics are NetworkPacketsIn and NetworkPacketsOut. These new metrics provide insight into the number of network packets flowing to and from an EC2 instance. These metrics are available along with the other CloudWatch metrics for all EC2 instances on the EC2 console, CLI and API.

The AWS Cryptography team has announced the AWS Encryption SDK. This new SDK makes encryption easier for developers while minimizing errors that could lower the security of their applications. Developers using encryption often face two problems: a. how to correctly generate and use a key to encrypt data, and b. how to protect the key after it’s been used. The library provided in the AWS Encryption SDK addresses the first problem by transparently implementing the low-level details using the cryptographic provider available in a developer’s environment. The library addresses the second problem by providing intuitive interfaces to let developers choose how they want to protect their encryption keys after use. By using the AWS Encryption SDK, developers can focus on the core of the application they’re building instead of the complexities of encryption. We’ve provided ready-to-use samples in the SDK for AWS customers who use AWS CloudHSM or AWS Key Management Service, however the open source SDK can be extended to support other key providers.

You can now easily upgrade the engine version on your existing ElastiCache for Redis clusters to utilize Amazon ElastiCache enhancements, including increased usable memory, improved synchronization and more efficient failovers. To achieve the smoothest performance on ElastiCache for Redis, we recommend you upgrade to the latest engine version that is compatible with Redis 2.8.24. The engine upgrade process is designed to make a best effort to retain your existing data and requires Redis replication to succeed. For more details and best practices on upgrading your ElastiCache for Redis engine version please refer to the ElastiCache Documentation.

AWS Device Farm now lets you add unmetered Android and iOS device slots to your account to run unlimited tests for a recurring monthly fee of $250 per device slot. Pricing for unmetered testing is fixed regardless of test type and device minutes used. Regardless of the number of device slots that you purchase, you can test on any number of devices and execution concurrency is simply limited to the number of slots. To learn more about device slots please visit our FAQ.

Our new AWS Professional Services Delivery Best Practices Bootcamp is designed to help our partners develop professional services competencies at their firms. In this intensive three-day bootcamp we share our collective professional services learnings derived from important customer projects to help enable partners to deliver large, successful engagements, and to ensure that collectively we deliver a very positive customer experience. Attendees should be focused on helping enterprise customers migrate applications to AWS and have at least six months experience working on AWS implementations. Attendees are required to hold a minimum of one Associate AWS Certification. Registration for this bootcamp is available at no cost to APN Premier Consulting and Advanced Partners. Learn more at Partner Training.

Starting today, you can monitor the capacity and performance metrics of your Spot fleets via CloudWatch. You can view metrics such as total desired, fulfilled and currently launching capacity of a fleet, in addition to monitoring aggregated EC2 instance metrics such as CPU utilization, disk reads and writes, and network traffic for a given fleet. These metrics enable you to get visibility into the usage and performance of your Spot fleets, and to dynamically scale in response to application load.

AWS Storage Gateway is pleased to announce increased capacity for both gateway-virtual tape library (VTL) and gateway-stored volumes. This enables you to store more data in AWS without needing to run additional gateways, reducing your cost and operational overhead.

You can now more easily set up or select your Identity and Access Management (IAM) role when connecting to an Amazon Redshift cluster from the Amazon Machine Learning (Amazon ML) console. To streamline the process of setting up your connection to Amazon Redshift, Amazon ML now pre-populates an interactive drop-down menu of existing IAM roles that have an Amazon ML managed policy for Amazon Redshift, and other IAM roles that you might prefer. From the Amazon ML console, you have the option of dynamically creating a new IAM role, enabling you to quickly connect to your Amazon Redshift cluster.

Amazon VPC Endpoints for S3 is now available in South America (Sao Paulo) and Asia Pacific (Seoul) Regions. Amazon VPC endpoints are easy to configure and provide reliable connectivity to Amazon S3 without requiring an internet gateway or a Network Address Translation (NAT) instance. With VPC endpoints, the data between the VPC and S3 is transferred within the Amazon network, helping protect your instances from internet traffic.

AWS Marketplace, which lists over 2,500 popular software products for sale by over 850 independent software vendors, has announced support for purchasing software products along new pricing dimensions. Until now, customers could only purchase software by the hour, the month or the year. Now, customers can purchase software from select AWS Marketplace vendors that is priced by the users created or provisioned, the hosts monitored or deployed, or the data processed or stored. This is a new level of flexibility for customers and software sellers, and is expected to further increase customer choice by enabling new products to be listed in the AWS Marketplace.

This new Quick Start automates the deployment of Puppet on the AWS cloud. Puppet is a declarative, model-based configuration management solution from Puppet Labs that lets you define the state of your IT infrastructure, and automatically enforces that desired state on your systems. This Quick Start automates the deployment of a Puppet master and Puppet agents from scratch, using AWS CloudFormation templates. It deploys Open Source Puppet by default, but you can upgrade to Puppet Enterprise by registering with Puppet Labs and downloading a free trial to manage 10 nodes.

We’re excited to announce two new Amazon S3 lifecycle management policies to help you reduce cost and optimize performance.

Incomplete multipart upload expiration policy – The multipart upload feature improves PUT performance by uploading parts of a large object in parallel. If a multipart upload is not completed, the partial upload does not appear when you list your objects by default, but does incur storage charges. Previously, you needed to manually cancel the multipart upload to remove partial uploads. Starting today, you can set a lifecycle policy to automatically expire incomplete multipart uploads after a predefined number of days. The policy applies to everything in a bucket, including existing partial uploads.

Expired object delete markers expiration policy – The S3 bucket versioning feature helps you recover from unintended user deletes or application logic failures. When you delete a versioned object, a delete marker becomes the current version of the object and the original is retained as the previous version. While you are not charged for storing delete markers, removing expired markers can improve performance for list requests on your bucket. With this launch, you can now set a lifecycle policy to automatically remove the current version delete marker when previous versions of the object no longer exist.

You can now configure AWS IoT Rules to route device-generated data directly to Amazon Elasticsearch domains, enabling you to analyze the data, perform full-text or parametric search on the data, and visualize it with Kibana. The integration supports use cases such as, full-text search for device specific error codes, and device performance visualization in near real-time.

You can now launch larger, more cost-efficient R3 nodes when using Amazon ElastiCache in AWS China (Beijing) and AWS South America (Sao Paulo). R3 nodes are optimized for memory-intensive applications and have the lowest cost per GiB of RAM among all Amazon ElastiCache node types. For a full list of ElastiCache node types supported in each AWS region, please see this.

AWS Database Migration Service is now available to all customers. Using AWS Database Migration Service allows you to migrate databases to AWS easily, securely, and cost-effectively, with no downtime. There is no need to install any drivers or applications; you can begin a database migration with just a few clicks in the AWS Management Console. Because you only pay for the compute resources used during the migration process, a terabyte-sized database can be migrated for as little as $3.

You can now provision Amazon GameLift using AWS CloudFormation. This lets you use CloudFormation to provision a GameLift fleet of Amazon EC2 instances to host game servers on and a GameLift build, which consists of your game server executable and supporting assets, libraries, and dependencies. You can also provision GameLift aliases, which let you redirect player sessions to a fleet that you specify.

Amazon Lumberyard Beta 1.1 includes 208 new improvements, fixes, and features to Amazon’s free, cross-platform 3D engine that enables you to create the highest-quality games, connect games to the vast compute and storage of the AWS Cloud, and engage fans with Twitch. Lumberyard Beta 1.1 introduces significant workflow improvements, the introduction of mobile support for iOS and Android, and extends the functionality of Twitch ChatPlay.

You can now use Apache Sqoop 1.4.6, Apache HCatalog 1.0.0, an upgraded version of Apache Mahout (0.11.1), and upgraded sandbox releases of Presto (0.136) and Apache Zeppelin (0.5.6) on Amazon EMR release 4.4.0. Sqoop allows your Apache Hadoop MapReduce jobs (including Apache Hive and Apache Pig on MapReduce) to interact in parallel with SQL databases through JDBC. Mahout 0.11.1 now supports running your applications using Apache Spark. Zeppelin 0.5.6 includes GitHub integration and import/export support for Zeppelin notebooks. Additionally, Apache Spark is now configured with improved default settings for executors on nodes in your cluster. Dynamic allocation of executors is now enabled by default, and Amazon EMR will configure the memory per executor when creating your cluster based on the Amazon EC2 instance family of your core instance group. You can still override these default settings by using a configuration object or passing additional parameters when submitting your Spark application using spark-submit. Lastly, you can now use Java Development Kit 8 (JDK 8) for your runtime environment (the default for your cluster is JDK 7). However, please note that JDK 8 is not compatible with Hive.

Amazon Aurora now allows you to assign a promotion priority tier to each instance on your database cluster. The priority tiers give you more control over replica promotion during failovers. When the primary instance fails, Amazon RDS will promote the replica with the highest priority to primary. You can assign lower priority tiers to replicas that you don’t want promoted to the primary instance. For more information on promotion tiers and failover logic, read the Amazon Aurora User Guide. To know more about Amazon Aurora, visit our product page.

To enable you to maximize your email authentication opportunities, you can now specify the MAIL FROM domain of emails you send with Amazon SES. The MAIL FROM address, also called the "envelope MAIL FROM," is the address that the sending mail server (Amazon SES) specifies to a receiving mail server to indicate the source of the message. Whereas you have always been able to specify the address that recipients see in their inboxes (the "From" address from the email header), this is the first time that Amazon SES enables you to specify the MAIL FROM domain.

Amazon GameLift is a fully managed service that makes it simple and cost-effective to deploy, operate, and scale session-based multi-player game servers in the cloud. GameLift, which launched a month ago for two regions in North America, can now provide optimal game server performance for players in Europe and Japan.

You can now restore a single table from an Amazon Redshift snapshot instead of restoring the entire cluster. This new feature enables you to restore a table that you might have dropped accidentally, or reconcile data from a table that you might have updated or deleted unintentionally. To restore a table from a snapshot, simply navigate to the “Table Restore” tab for a cluster and click on the “Restore Table” button.

Amazon CloudWatch Logs is enhancing security and visibility by adding support for AWS CloudTrail. You can now use AWS CloudTrail to track changes to your CloudWatch Logs resources such as your Log Groups, Log Streams, Metrics Filters, Subscription Filters, and Log Export Tasks.

You can now use Memcached Auto-Discovery capabilities for PHP 7 on Amazon ElastiCache. For instructions on compiling the code for your client, please refer to the documentation on our GitHub repository here. For more information about node Auto-Discovery please see this.

You can now use AWS Device Farm to run automated tests for your iOS apps written with the XCTest UI automation framework. The XCTest UI testing allows you to write automated UI tests in Swift or Objective-C. To get started, simply choose XCTest UI when creating a new test run and upload your UI test package using the steps outlined in the documentation. No configuration or modification to your app or tests is necessary. If you have any questions, please let us know in the discussion forum.

You can now create triggers that send notifications or automatically run code whenever a change occurs in an AWS CodeCommit repository. You can send notifications from Amazon Simple Notification Service (Amazon SNS) or invoke AWS Lambda functions in response to the repository events you choose (e.g. commit to a branch, branch or tag creation, and branch or tag deletion). This helps you customize and automate your development workflow.

In January, Amazon Web Services announced the availability of longer IDs for EC2 instances and reservations. As of March 7, 2016, newly created AWS accounts will use longer EC2 instance and reservation IDs by default in the following regions: US East (Northern Virginia), US West (Oregon), US West (Northern California), EU (Ireland), and EU (Frankfurt). In other regions, new accounts will use longer EC2 instance and reservation IDs by default starting in mid-April 2016.

We have released four new features for our VPC VPN product in the Sao Paulo region. Starting today the VPN product now supports AES 256, SHA-2, additional Diffie Hellman groups, and NAT Traversal. In addition to those new features, you can also re-use your Customer Gateway (CGW ) IP address. You no longer need a unique IP address for each connection you create.

Now you can use Amazon Simple Notification Service (Amazon SNS) to receive notifications such as emails and text messages when the status of your AWS Directory Service directory changes to or from an “Active” state. Amazon SNS uses topics to collect and distribute messages to subscribers. When AWS Directory Service detects a change in your directory’s status, it will publish a message to the associated topic, which is then sent to topic subscribers.

AWS Config Rules allows you to create rules that continuously check the configuration of relevant AWS resources recorded by AWS Config, and notifies you when resources do not comply with these guidelines. Using the rules dashboard, you can track overall compliance status and troubleshoot specific resource configurations that do not comply.

We are excited to announce that you can now reference security groups in a peered Virtual Private Cloud (VPC) in both inbound and outbound rules. This functionality is supported cross-account so the two VPCs can be in different accounts. Support for security group references in a peered VPC simplifies configuration by controlling peering traffic via security group membership instead of CIDR ranges.

Today we are announcing support for Virtual Private Cloud (VPC) ClassicLink in the Sao Paulo region. ClassicLink allows Amazon Elastic Compute Cloud (EC2) instances in the EC2-Classic platform to communicate with instances in a VPC using private IP addresses, instead of public addresses through the Internet. We are also announcing support for ClassicLink DNS support. This feature enables support for DNS resolution of public hostnames to private IP addresses when queried over ClassicLink, making it easier for EC2-Classic instances to communicate with VPC resources using public DNS hostnames.

Today, we are announcing support for EMC NetWorker 8.x with AWS Storage Gateway-Virtual Tape Library (VTL). You can now backup and archive directly to scalable, cost-effective, secure Amazon S3 and Amazon Glacier storage using Gateway-VTL with NetWorker.

Amazon Kinesis Streams enables you to build custom applications that process or analyze streaming data for specialized needs. You can now use Amazon Kinesis Streams from the South America (Sao Paulo) Region, in addition to US East (Northern Virginia), US West (Oregon), US West (Northern California), EU (Ireland), EU (Frankfurt), Asia Pacific (Singapore), Asia Pacific (Tokyo), Asia Pacific (Sydney), and Asia Pacific (Seoul) Regions. You can get pricing information for all the regions from our pricing page.

We are excited to announce that Amazon Route 53 health checks now support Server Name Indication (SNI) for health checks over HTTPS. With SNI and HTTPS support, you can now create health checks for secure websites that rely on SNI to serve the correct website and certificate to requests for a particular domain name.

AWS Data Pipeline now offers an on-demand schedule type, providing you the option to run your pipeline immediately on activation instead of on a time-based schedule. With on-demand scheduling, your pipeline will run once every time it is activated. This allows you to run your pipelines on an ad-hoc basis. For example, you can now activate a pipeline from an AWS Lambda function based on an external event.

We are concluding the Developer Preview for Unity in the AWS SDK for .NET and making it Generally Available (GA). The Unity support in the .NET SDK makes it easier for you to build Unity games by letting you take advantage of AWS services such as Amazon DynamoDB for NoSQL database, Amazon S3 for storage, Amazon Cognito for user identity management and data synchronization, and Amazon Mobile Analytics for tracking user and device based analytics. We recommend that you upgrade to the new version of the SDK to take advantage of the recent improvements.

You can now launch MySQL 5.7 instances on Amazon RDS. MySQL 5.7 is the latest major version release and offers a number of enhancements for better performance, scalability, and security. Some of the key new features in MySQL 5.7 are:

Support for the AWS IoT API is now available in the AWS Mobile SDK for Android. Now, you can use the mobile SDK to publish and subscribe to device data via MQTT with X.509 certificates, and access device shadows so that applications or other devices can read messages and interact with devices, even when they aren’t connected. To learn more about the AWS Mobile SDK for Android, read the release notes.

You can now use AWS CloudTrail to track creations, deletions, and configuration changes for Amazon Cognito Identity pools and Cognito Sync. With this announcement, you can also create Amazon CloudWatch Alarms to monitor for specific activity on Amazon Cognito Identity pools and Cognito Sync configurations, and receive Amazon Simple Notification Service (Amazon SNS) or email notifications.

US service members returning from active duty can face many challenges—including finding a new job or even a new career. To help US veterans succeed, we’ve worked with the Department of Veterans Affairs to make AWS Certification exams eligible for VA reimbursement.

AWS Directory Service for Microsoft Active Directory (Enterprise Edition), also referred to as “Microsoft AD” is now available in the AWS Asia Pacific (Singapore) region. AWS Directory Service for Microsoft AD, is powered by Windows Server 2012 R2. When you select and launch this directory type, it is created as a highly available pair of domain controllers connected to your virtual private cloud (VPC). The domain controllers run in different Availability Zones in a region of your choice. Host monitoring and recovery, data replication, snapshots, and software updates are automatically configured and managed for you.

Amazon EMR is a service that allows you to use distributed data processing frameworks such as Apache Hadoop, Apache Spark and Presto to process data. You will now be able to customize storage on your Amazon Elastic Compute Cloud (EC2) instance, running Amazon EMR, by attaching Amazon Elastic Block Store (EBS) volumes to your EC2 instances. You will also be able to launch Amazon EMR clusters using the next-generation M4 and C4 EC2 instance families. Adding EBS volumes to an instance is beneficial if your processing requirements need larger amounts of Hadoop Distributed File System (HDFS) or local storage than what is available by default on an instance; if you want to take advantage of the latest generation EC2 families like the M4, C4 and R3, but are constrained by the storage available on these instance types; or if you want to optimize the storage relative to compute on an Amazon EMR cluster. Amazon EMR supports the Amazon EBS General Purpose SSD (gp2), Magnetic (standard) and Provisioned IOPS (io1) volume types. The added EBS volumes are tied to the lifecycle of the associated instances and augment any existing storage on these instances. If you terminate an Amazon EMR cluster, any associated EBS volumes are also deleted. The EBS volumes used with Amazon EMR will be charged at regular EBS rates. When you terminate the cluster, the EBS volumes are automatically deleted and you stop paying for those volumes. Visit the documentation to learn more.

You can now view Amazon CloudWatch metrics directly within the Amazon Simple Queue Service (SQS) console. Amazon CloudWatch monitors your Amazon SQS and other AWS resources in real time. Within the Amazon SQS console, you can monitor CloudWatch metrics such as the number of messages sent, received, and deleted on your queues. Previously, you had to switch back and forth between browser tabs to view Amazon CloudWatch metrics. Now, you can get a rapid view of your queue metrics without leaving Amazon SQS.

Enhanced Monitoring for Amazon RDS allows you to get deeper visibility into the health of your Amazon RDS instances in real time. It provides a comprehensive set of over 50 new system metrics and aggregated process information for your instances, at granularity of up to 1 second. You can visualize the metrics on the RDS console, and also integrate them with CloudWatch and third-party applications. Enhanced Monitoring for Amazon RDS was earlier made available for MySQL 5.6, now it is also available for MySQL 5.5.

You can now enable AWS Lambda to access resources in a Virtual Private Cloud (VPC). Your Lambda functions can now access Amazon RDS databases, Amazon Redshift data warehouses, Amazon ElasticCache nodes, and other endpoints that are accessible only from within a particular VPC (e.g., web service running on EC2).

ImportImage and ImportSnapshot functions have been added to the API, which greatly improves the VM Import/Export service. ImportImage allows customers to import multiple volume and multiple disk images.

You can now launch R3 and T2 instances when using Amazon RDS for MySQL, MariaDB, PostgreSQL, Oracle and SQL Server in the AWS GovCloud (US) region. R3 instances are optimized for memory-intensive applications and have the lowest cost per GiB of RAM among the Amazon EC2 instance types. T2 instances provide a baseline level of CPU performance with the ability to burst above the baseline. The bursting model is based on “CPU Credits” that accumulate during quiet periods for spending when things get busy. To learn more about the benefits of the R3 and T2 instance families on Amazon RDS, visit the documentation page. For more information on pricing, visit the pricing page.

Amazon Aurora is now available to customers in AWS Asia Pacific (Sydney) region. Amazon Aurora is a MySQL-compatible relational database management system (RDBMS) that combines the speed and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases. Amazon Aurora provides up to five times better performance than MySQL at a price point one tenth that of a high-end commercial RDBMS while delivering similar performance and availability

Starting today, in addition to sharing your unencrypted database snapshots, you can also share encrypted database snapshots with other AWS accounts. You may share an encrypted DB snapshot with up to 20 accounts via the RDS console, API and CLI. Encrypted snapshots can be shared within the same region only, and cannot be shared publicly for security reasons. Learn more about how to share encrypted database snapshots on the RDS documentation.

Amazon VPC Endpoints for S3 is now available in China (Beijing) Region. Amazon VPC endpoints are easy to configure and provide reliable connectivity to Amazon S3 without requiring an internet gateway or a Network Address Translation (NAT) instance. With VPC endpoints, the data between the VPC and S3 is transferred within the Amazon network, helping protect your instances from internet traffic.

You can now use Secure Sockets Layer (SSL) and Native Network Encryption (NNE) to establish a secure network connection to all editions of Amazon RDS for Oracle. Starting with Oracle database version 11gR2, these features are no longer part of the Oracle Advanced Security option and are available in all Oracle editions supported by Amazon RDS.

You can now use the Amazon Machine Learning (Amazon ML) console to retrieve data from Amazon Redshift with an improved data schema conversion functionality. Data types supported by Amazon ML are not equivalent to Amazon Redshift’s supported data types, requiring a schema conversion when creating an Amazon ML datasource. Using the Amazon ML console, you will now be able to take advantage of more accurate rules for this schema conversion process, based on the data type information provided by Amazon Redshift. For more information about using Amazon Redshift with Amazon ML, please reference the documentation in the Amazon ML developer guide.

We are excited to announce that Amazon Lumberyard is now available for download at http://aws.amazon.com/lumberyard. Amazon Lumberyard is a free, cross-platform, 3D game engine for developers to create the highest-quality games, connect their games to the vast compute and storage of the AWS Cloud, and engage fans on Twitch. Amazon Lumberyard helps developers build beautiful worlds, make realistic characters, and create stunning real-time effects. With Amazon Lumberyard’s visual scripting tool, even non-technical game developers can add cloud-connected features to a game in minutes (such as a community news feed, daily gifts, or server-side combat resolution) through a drag-and-drop graphical user interface.

Append rows to a target table: Using the ALTER TABLE APPEND command, you can now append rows to a target table. When you issue this command, Amazon Redshift moves the data from the source table to matching columns in the target table. ALTER TABLE APPEND is usually much faster than a similar CREATE TABLE AS or INSERT INTO operation because it moves the data instead of duplicating it. This could be particularly useful in cases where you load data into a staging table, process it, and then copy the results into a production table. For more details, refer to the ALTER TABLE APPEND command.

This new version of the Quick Start makes it easier than ever to get up and running with Trend Micro Deep Security on the AWS cloud. Trend Micro Deep Security is a host-based security product that provides Anti-Malware, Host Firewall, Intrusion Prevention, File Integrity Monitoring, Log Inspection, Web Application Firewalling, and Content Filtering modules in a single agent running in the guest operating system.

We are excited to launch three new features to enhance the WorkSpaces user experience. Amazon WorkSpaces has added support for voice communication with headsets, high DPI screens, and saved registrations.

You can now use Network Address Translation (NAT) Gateway in the EU (Frankfurt) region. NAT Gateway is a highly available AWS managed service that makes it easy to connect to the Internet from instances within a private subnet in an AWS Virtual Private Cloud (VPC). Previously, you needed to launch a NAT instance to enable NAT for instances in a private subnet.

You can now configure AWS WAF to block, allow, or monitor (count) requests based on the content in HTTP request bodies. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from an HTML form.

Amazon EMR release 4.3.0 now offers upgraded versions of Apache Hadoop (2.7.1), Apache Spark (1.6.0), Ganglia (3.7.2), and an upgraded sandbox release of Presto (0.130). Hadoop 2.7.1 is a minor version upgrade with various bug fixes and performance enhancements. Spark 1.6.0 includes several new features, such as the compile-time type safety using the Dataset API, machine learning pipeline persistence using the Spark ML Pipeline API, a variety of new machine learning algorithms in Spark ML, and automatic memory management between execution and cache memory in executors. Presto 0.130 now supports S3 server-side encryption and client-side encryption using the PrestoS3Filesystem.

You can now integrate Google+ Sign-in to provide federated authentication for your Mobile Hub generated applications. With this addition, Mobile Hub now fully integrates with two external identity providers: Facebook and Google+.

You can now instruct AWS CloudFormation to continue rolling back an update to your stack even after the rollback has failed. Previously, you would not be able to reinitiate a rollback of your stack after it had originally failed, requiring you to contact customer support.

AWS Certificate Manager is a new service that lets you easily provision, manage, and deploy Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services. SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet. AWS Certificate Manager removes the time-consuming manual process of purchasing, uploading, and renewing SSL/TLS certificates. With AWS Certificate Manager, you can quickly request a certificate, deploy it on AWS resources such as Elastic Load Balancers or Amazon CloudFront distributions, and let AWS Certificate Manager handle certificate renewals. SSL/TLS certificates provisioned through AWS Certificate Manager are free. You pay only for the AWS resources you create to run your application.

You can now provision SSL/TLS certificates and associate them with CloudFront distributions within minutes. Simply provision a certificate using the new AWS Certificate Manager (ACM) and deploy it to your CloudFront distribution with a couple of clicks, and let ACM manage certificate renewals for you. ACM allows you to provision, deploy, and manage the certificate with no additional charges.

We are pleased to announce that Run Command has been expanded to the following 6 regions: US West (N. California), EU (Frankfurt), Asia Pacific (Singapore), Asia Pacific (Tokyo), Asia Pacific (Sydney) and South America (Sao Paulo). This is in addition to existing support for US East (N. Virgina), US West (Oregon), and Europe (Ireland). Run Command provides a simple way to securely manage the configuration of your AWS EC2 instances and lets you automate simple tasks like executing Shell scripts on Linux, running PowerShell commands on Windows, installing software or patches, and more.

As our healthcare and life sciences customers use AWS products to deliver the next generation of medical, health, and wellness solutions, we're happy to announce that AWS customers are now successfully developing, validating and operating all or part of their GxP systems using AWS products. To help speed adoption, and in cooperation with Lachman Consultants, a multidisciplinary team of highly experienced FDA and pharmaceutical industry experts, we’ve developed and published a new whitepaper, “Considerations for Using AWS Products in GxP Systems”. GxP requirements apply to organizations that make regulated food and medical products such as pharmaceuticals, medical devices, and mobile medical applications – contact AWS Sales to determine if these GxP enablers are the right option for you!

To learn more about GxP compliance on AWS, customers can visit our GxP Cloud Page.

You can now download version 1.0.200 of the AWS Schema Conversion Tool. This version adds support for PostgreSQL as a conversion target, in addition to MySQL/MariaDB/Aurora conversion targets available previously. Further improvements include:

Ability to save converted schema as SQL scripts in local files to simplify manual adjustments, before the schema scripts are applied to the target database.

AWS is pleased to announce the immediate availability of a new automated sign-up capability for AWS GovCloud (US). The new self-service capability greatly reduces the time it takes for qualified customers to gain access to AWS GovCloud (US). To get started, log in with root credentials for your standard AWS account to enable use of AWS GovCloud (US), navigate to the My Account page from the AWS Management Console, and select the “Sign Up for AWS GovCloud (US)” button. Note that automated sign-up is only available to direct AWS customers in the United States.

The AWS Identity and Access Management (IAM) console shows service last accessed data as part of the process of deleting an IAM user or role. Now you have additional data that shows you when a resource was last active so that you can make a more informed decision about whether or not to delete it.

In November, we announced that EC2 and EBS will have longer identifiers for instances, volumes, reservations, and snapshots to support the ongoing growth of Amazon Web Services. Starting today, you can opt in to using longer EC2 instance and reservation IDs using APIs or the AWS Management Console. Note: Longer EBS volume and snapshot IDs will be available in April 2016.

You can now purchase Amazon EC2 Scheduled Reserved Instances for applications that run on a part-time basis. Reserved Instances provide a capacity reservation so that you can have confidence in your ability to launch the number of instances you have reserved when you need them.

You can now use t2.nano Amazon EC2 instances when running applications on AWS Elastic Beanstalk. The t2.nano is recommended for low-traffic website hosting, microservices and developer environments which have low memory needs and don’t need consistently high levels of CPU on average, but benefit significantly from having full access to very fast CPUs when they need them. Starting at only $4.75 per month ($0.0065 per hour), it is the lowest priced EC2 instance.

We are pleased to announce ClassicLink DNS Support for Virtual Private Cloud (VPC). This feature enables support for DNS resolution of public hostnames to private IP addresses when queried over ClassicLink. A public DNS hostname of an instance in a VPC will resolve to private IP address when queried from a linked EC2-Classic instance. Similarly, a public DNS hostname of a linked EC2-Classic instance will resolve to private IP address when queried from an instance in the VPC. Additionally, you can now access private hosted zones associated with your VPC from a linked EC2-Classic instance. ClassicLink DNS support makes it easier for EC2-Classic instances to communicate with VPC resources using public DNS hostnames.

You can now configure Amazon Redshift Work Load Management (WLM) settings to move timed-out queries automatically to the next matching queue and restart them. The matching queue has the same Query Group or User Group as the original queue. Please see the WLM Queue Hopping section of our documentation for more detail.

AWS is excited to announce immediate availability of the new AWS Asia Pacific (Seoul) Region. Seoul joins Singapore, Tokyo, Sydney, and Beijing as the fifth AWS Region in Asia Pacific and as the twelfth region worldwide, bringing the total number of AWS Availability Zones to 32 worldwide.

We are reducing the On-Demand, Reserved Instance, and Dedicated Host pricing for C4 and M4 instances running Linux by 5% in the US East (Virginia), US West (N. California), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), and Asia Pacific (Sydney) regions.

We are excited to announce that Amazon WorkMail is now available to all customers. Amazon WorkMail is a secure, managed business email and calendar service with support for existing desktop and mobile clients. Amazon WorkMail gives users the ability to seamlessly access their email, contacts, and calendars using Microsoft Outlook, Apple Mail, their web browser, or their native iOS and Android email applications.